CVE-2021-38645: 
Open Management Infrastructure (OMI) vulnerability analysis and mitigation

The Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability (CVE-2021-38645), also known as OMIGOD, was disclosed on September 14, 2021. This vulnerability affects various Microsoft Azure services and components including Azure Automation State Configuration, Azure Diagnostics, Azure Security Center, Azure Sentinel, and Azure Stack Hub (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access, low attack complexity, low privileges, and no user interaction, while potentially impacting confidentiality, integrity, and availability at high levels (NVD).

If successfully exploited, this vulnerability could allow an attacker to elevate their privileges on affected systems. The high CVSS scores for confidentiality, integrity, and availability (all rated as High) indicate that successful exploitation could result in significant system compromise (NVD).

Microsoft has released security updates to address this vulnerability. Organizations are advised to apply updates according to vendor instructions as specified in CISA's Known Exploited Vulnerabilities Catalog (NVD).