New Blog Post | Azure Sentinel To-Go! A Linux Lab with AUOMS - Learn About the OMI Vulnerability

%3CLINGO-SUB%20id%3D%22lingo-sub-2775559%22%20slang%3D%22en-US%22%3ENew%20Blog%20Post%20%7C%20Azure%20Sentinel%20To-Go!%20A%20Linux%20Lab%20with%20AUOMS%20-%20Learn%20About%20the%20OMI%20Vulnerability%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2775559%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22AshleyMartin_0-1632334732117.png%22%20style%3D%22width%3A%20700px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F312211i3F93318EA522F3FC%2Fimage-dimensions%2F700x436%3Fv%3Dv2%22%20width%3D%22700%22%20height%3D%22436%22%20role%3D%22button%22%20title%3D%22AshleyMartin_0-1632334732117.png%22%20alt%3D%22AshleyMartin_0-1632334732117.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-sentinel%2Fazure-sentinel-to-go-a-linux-lab-with-auoms-set-up-to-learn%2Fba-p%2F2772581%22%20target%3D%22_blank%22%3EAzure%20Sentinel%20To-Go!%20A%20Linux%20%3Apenguin%3A%20Lab%20with%20AUOMS%20Set%20Up%20to%20Learn%20About%20the%20OMI%20Vulnerability%20%3Acollision%3A%20-%20Microsoft%20Tech%20Community%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-contrast%3D%22auto%22%3ELast%20week%2C%20on%20September%2014%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3Eth%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3E%2C%202021%2C%20Microsoft%20released%20fixes%20for%20three%20Elevation%20of%20Privilege%20(EoP)%20vulnerabilities%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22none%22%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-38645%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ECVE-2021-38645%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E%2C%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-38649%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ECVE-2021-38649%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E%2C%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-38648%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ECVE-2021-38648%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E%2C%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%20data-contrast%3D%22auto%22%3Eand%20one%20unauthenticated%20Remote%20Code%20Execution%20(RCE)%20vulnerability%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-38647%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3ECVE-2021-38647%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22auto%22%3E%26nbsp%3B.%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%20data-ccp-props%3D%22%7B%26quot%3B201341983%26quot%3B%3A0%2C%26quot%3B335559739%26quot%3B%3A160%2C%26quot%3B335559740%26quot%3B%3A259%7D%22%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%20data-contrast%3D%22none%22%3EThese%20vulnerabilities%20affect%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FMicrosoft%2Fomi%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3EOpen%20Management%20Infrastructure%20(OMI)%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E%2C%26nbsp%3Ban%20open-source%20project%26nbsp%3Bto%20further%20the%20development%20of%20a%20production%20quality%20implementation%20of%20the%20DMTF%20CIM%2FWBEM%20standards.%20The%20OMI%26nbsp%3BCommon%20Information%20Model%20Object%20Manager%20(CIMOM)%26nbsp%3Bis%20also%20designed%20to%20be%20portable%20and%20highly%20modular.%20It%20is%20written%20in%20C%20and%20the%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FMicrosoft%2Fomi%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%3CSPAN%20data-contrast%3D%22none%22%3Ecode%20is%20available%20in%20GitHub%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%20data-contrast%3D%22none%22%3E.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2775559%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Sentinel%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECloud%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ELog%20Analytics%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

AshleyMartin_0-1632334732117.png

Azure Sentinel To-Go! A Linux :penguin: Lab with AUOMS Set Up to Learn About the OMI Vulnerability :...

Last week, on September 14th, 2021, Microsoft released fixes for three Elevation of Privilege (EoP) vulnerabilities CVE-2021-38645CVE-2021-38649CVE-2021-38648and one unauthenticated Remote Code Execution (RCE) vulnerability CVE-2021-38647 .  

These vulnerabilities affect the Open Management Infrastructure (OMI), an open-source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards. The OMI Common Information Model Object Manager (CIMOM) is also designed to be portable and highly modular. It is written in C and the code is available in GitHub.

 

0 Replies