msrc_cve-2023-36043
Vulnerability from csaf_microsoft
Published
2023-11-14 08:00
Modified
2023-11-14 08:00
Summary
Open Management Infrastructure Information Disclosure Vulnerability
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action
Required. The vulnerability documented by this CVE requires customer action to resolve.
{
"document": {
"acknowledgments": [
{
"names": [
"Anonymous"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36043"
},
{
"category": "self",
"summary": "CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/2023/msrc_cve-2023-36043.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Open Management Infrastructure Information Disclosure Vulnerability",
"tracking": {
"current_release_date": "2023-11-14T08:00:00.000Z",
"generator": {
"date": "2025-01-01T02:15:45.239Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-36043",
"initial_release_date": "2023-11-14T08:00:00.000Z",
"revision_history": [
{
"date": "2023-11-14T08:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.7.3-0",
"product": {
"name": "System Center Operations Manager (SCOM) 2022 \u003c1.7.3-0",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "1.7.3-0",
"product": {
"name": "System Center Operations Manager (SCOM) 2022 1.7.3-0",
"product_id": "12058"
}
}
],
"category": "product_name",
"name": "System Center Operations Manager (SCOM) 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.7.3-0",
"product": {
"name": "System Center Operations Manager (SCOM) 2019 \u003c1.7.3-0",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "1.7.3-0",
"product": {
"name": "System Center Operations Manager (SCOM) 2019 1.7.3-0",
"product_id": "12057"
}
}
],
"category": "product_name",
"name": "System Center Operations Manager (SCOM) 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.7.3-0",
"product": {
"name": "System Center Operations Manager (SCOM) 2016 \u003c1.7.3-0",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "1.7.3-0",
"product": {
"name": "System Center Operations Manager (SCOM) 2016 1.7.3-0",
"product_id": "12056"
}
}
],
"category": "product_name",
"name": "System Center Operations Manager (SCOM) 2016"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-36043",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "Successful exploitation of this vulnerability could allow an attacker to access credentials of privileged accounts stored in trace logs on the machine being monitored by SCOM.",
"title": "What type of information could be disclosed by this vulnerability?"
},
{
"category": "faq",
"text": "An attacker who successfully exploits this vulnerability could affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component could be different from the impacted component and are managed by different security authorities.",
"title": "According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?"
},
{
"category": "faq",
"text": "OMI versions v1.7.1-0 and below are affected.\nThe update disables logging of the credentials in the trace file and deletes the existing trace files that may have credentials logged.\nIn addition to updating their affected versions of SCOM, customers are encouraged to reset their privileged account passwords.",
"title": "What versions of OMI are affected?"
},
{
"category": "faq",
"text": "Successful exploitation of this vulnerability requires an attacker be an authenticated user with read access to the trace file on the machine being monitored with SCOM and OMI installed.",
"title": "According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?"
},
{
"category": "faq",
"text": "Open Management Infrastructure (OMI) is an open-source Web-Based Enterprise Management (WBEM) implementation for managing Linux and UNIX systems. SCOM uses this framework to orchestrate configuration management and log collection on Linux VMs.\nMore information can be found here: GitHub - Open Management Infrastructure.",
"title": "What is OMI?"
}
],
"product_status": {
"fixed": [
"12056",
"12057",
"12058"
],
"known_affected": [
"1",
"2",
"3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36043"
},
{
"category": "self",
"summary": "CVE-2023-36043 Open Management Infrastructure Information Disclosure Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36043"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "1.7.3-0:Security Update:https://www.microsoft.com/en-in/download/details.aspx?id=104213",
"product_ids": [
"1"
],
"url": "https://www.microsoft.com/en-in/download/details.aspx?id=104213"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "1.7.3-0:Security Update:https://www.microsoft.com/en-us/download/details.aspx?id=58208",
"product_ids": [
"2"
],
"url": "https://www.microsoft.com/en-us/download/details.aspx?id=58208"
},
{
"category": "vendor_fix",
"date": "2023-11-14T08:00:00.000Z",
"details": "1.7.3-0:Security Update:https://www.microsoft.com/en-us/download/details.aspx?id=29696",
"product_ids": [
"3"
],
"url": "https://www.microsoft.com/en-us/download/details.aspx?id=29696"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "TEMPORARY_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 6.1,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:T/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Information Disclosure"
},
{
"category": "exploit_status",
"details": "Exploited:No;Latest Software Release:Exploitation Less Likely"
}
],
"title": "Open Management Infrastructure Information Disclosure Vulnerability"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.