Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability for March 2024

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability for March 2024

 

Threat 威胁 :

"Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) implementation for managing Linux and UNIX systems. SCOM uses this framework to orchestrate configuration management and log collection on Linux VMs. 

Affected Software: 
System Center Operations Manager (SCOM) 2019 
System Center Operations Manager (SCOM) 2022 

QID Detection Logic (Authenticated): 
The QID checks for vulnerable version of Open Management Infrastructure (OMI version prior to v1.8.1-0 are affected)."

 

Impact 影响：

Successful exploitation of this vulnerability will locally elevate the attacker's privileges to communicate as Root with OMI server.

 

Result 检查的结果

"Package Installed Version Required Version
omi 1.7.3-0.x86_64 1.8.1-0#"

 

Solution 解决方案:

Users are advised to check the advisory (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21330) for more information. 
 Patch: 
Following are links for downloading patches to fix the vulnerabilities:
  CVE-2024-21330 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21330)  CVE-2024-21334 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334)

 

最后笔者在 微软的 官方文档中，找到 【Linux Software Repository for Microsoft Products】相关的仓库，并将OMI升级到 1.9.1 版本,直接rpm -ivh 安装升级即可

7287aad50de4a64655a1efc71fcbf8a6  omi-1.9.1-0.x86_64.rpm

 

 

 

尊重别人的劳动成果 转载请务必注明出处：https://www.cnblogs.com/5201351/p/18594442