CVE-2021-38648: 
Open Management Infrastructure (OMI) vulnerability analysis and mitigation

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability (CVE-2021-38648) was discovered in 2021, affecting Microsoft Azure services. This vulnerability is part of a set of vulnerabilities known as OMIGOD, which impacts Azure's Open Management Infrastructure component. The vulnerability affects multiple Azure services including Azure Automation State Configuration, Azure Diagnostics, Azure Security Center, Azure Sentinel, and Azure Stack Hub (Wiz Research).

The vulnerability is a privilege escalation flaw in OMI installations prior to version 1.6.8-1. It allows attackers to gain root privileges through a logical bug in the authentication process. The vulnerability received a CVSS v3.1 Base Score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

When exploited, the vulnerability allows attackers to elevate their privileges to root level on affected systems. This means an attacker could gain complete control over the target system, with the ability to execute arbitrary commands with the highest system privileges (Wiz Research).

Microsoft released a patch in version 1.6.8-1 of OMI to address this vulnerability. Organizations are advised to update to this version or later. CISA has mandated federal agencies to apply vendor updates by November 17, 2021 (NVD).