Azure OMI - Remote Code Execution (OMIGOD - CVE-2021-38647)

Severity
Vulnerability description
Not available
Risk description
Not available
Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Recommendation
Not available
Codename
OMIGOD
Detectable with
Network Scanner
Scan engine
Sniper
Cisa Kev
Cybersecurity Infrastructure Security Agency (CISA) Yes
Exploitable with Sniper
Yes
CVE Published
Sep 1, 2021
Detection added at
Software Type
Azure
Vendor
Microsoft
Product
Open Management Interface (OMI)

Detect & validate this vulnerability

Go beyond surface scans. Get real validation with proprietary tools designed to prove what’s exploitable in your environment.