The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft Operations Manager

computer vulnerability alert CVE-2015-2420

Microsoft System Center Operations Manager: Cross Site Scripting of Web Console

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in Web Console of Microsoft System Center Operations Manager, in order to run JavaScript code in the context of the web site.
Impacted products: SCOM.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 11/08/2015.
Identifiers: 3075158, CERTFR-2015-AVI-340, CVE-2015-2420, MS15-086, VIGILANCE-VUL-17636.

Description of the vulnerability

The Microsoft System Center Operations Manager product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in Web Console of Microsoft System Center Operations Manager, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2015-0012

Microsoft System Center: privilege escalation via VMM User Role

Synthesis of the vulnerability

An attacker can use Microsoft System Center VMM, in order to escalate his privileges.
Impacted products: SCCM, SCOM.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 10/02/2015.
Identifiers: 3035898, CERTFR-2015-AVI-068, CVE-2015-0012, MS15-017, VIGILANCE-VUL-16167.

Description of the vulnerability

The Microsoft System Center Virtual Machine Manager product defines user roles.

However, VMM does not correctly validate these roles.

An attacker can therefore use Microsoft System Center VMM, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2014-2779

Microsoft Malware Protection Engine: denial of service

Synthesis of the vulnerability

An attacker can send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.
Impacted products: Forefront Security for Exchange Server, Forefront Threat Management Gateway, Forefront Unified Access Gateway, SCCM, SCOM, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: document.
Creation date: 18/06/2014.
Identifiers: 2974294, CVE-2014-2779, VIGILANCE-VUL-14908.

Description of the vulnerability

The Microsoft Malware Protection Engine analyzes files searching for malware.

However, a malicious file locks this engine.

An attacker can therefore send a malicious file to the Microsoft Malware Protection Engine, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2013-1346

Microsoft System Center 2012 Endpoint Protection: memory corruption via Microsoft Malware Protection Engine

Synthesis of the vulnerability

An attacker can generate a memory corruption in Microsoft Malware Protection Engine of Microsoft System Center 2012 Endpoint Protection, in order to trigger a denial of service, and possibly to execute code.
Impacted products: SCOM.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 15/05/2013.
Identifiers: 2846338, BID-59885, CVE-2013-1346, VIGILANCE-VUL-12826.

Description of the vulnerability

The Microsoft Malware Protection Engine component analyzes files. It is installed in several Microsoft products.

However, the analysis of a malformed file corrupts its memory.

An attacker can therefore generate a memory corruption in Microsoft Malware Protection Engine of Microsoft System Center 2012 Endpoint Protection, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2013-0009 CVE-2013-0010

Microsoft System Center Operations Manager: two Cross Site Scripting

Synthesis of the vulnerability

An attacker can use two Cross Site Scripting of Microsoft System Center Operations Manager, in order to execute JavaScript code in the context of the web site.
Impacted products: SCOM.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/01/2013.
Identifiers: 2748552, BID-55401, BID-55408, CERTA-2013-AVI-008, CVE-2013-0009, CVE-2013-0010, MS13-003, VIGILANCE-VUL-12311.

Description of the vulnerability

Two vulnerabilities were announced in the Web Console of Microsoft System Center Operations Manager.

Data coming from the attacker is directly displayed in generated web pages. [severity:2/4; BID-55401, CVE-2013-0009]

Data coming from the attacker is directly displayed in generated web pages. [severity:2/4; BID-55408, CVE-2013-0010]

An attacker can therefore use two Cross Site Scripting of Microsoft System Center Operations Manager, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Microsoft Operations Manager: