{"id":"CVE-2024-21334","details":"Open Management Infrastructure (OMI) Remote Code Execution Vulnerability","modified":"2025-11-20T12:24:24.290436Z","published":"2024-03-12T17:15:49.310Z","references":[{"type":"FIX","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21334"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/microsoft/omi","events":[{"introduced":"0"},{"fixed":"3566da834bb3daa44742e383dd8024070e65fa76"}]}],"versions":["v1.0.8-6","v1.1.0-0","v1.2.0-35","v1.3.0-2","v1.4.0-6","v1.4.1-0","v1.4.2-1","v1.4.3","v1.4.3-1","v1.4.3-2","v1.4.4","v1.5.0","v1.6.0","v1.6.1-0","v1.6.10-0","v1.6.10-2","v1.6.11-0","v1.6.12-1","v1.6.2","v1.6.4-0","v1.6.4-1","v1.6.5-0","v1.6.6-0","v1.6.7-0","v1.6.8-0","v1.6.8-1","v1.6.9-0","v1.6.9-1","v1.7.0-0","v1.7.1-0","v1.7.3-0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-21334.json","vanir_signatures":[{"id":"CVE-2024-21334-135796c1","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"_RestoreMessage","file":"Unix/base/messages.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":1221,"function_hash":"283853359977270673249132531721684450443"}},{"id":"CVE-2024-21334-163d82e4","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"__MessageFromBatch","file":"Unix/base/messages.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":1346,"function_hash":"107375038197982287184125048890893845455"}},{"id":"CVE-2024-21334-27d04d2b","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"Selector_RemoveHandler","file":"Unix/sock/selector.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":592,"function_hash":"125994347877920433477935750030879708153"}},{"id":"CVE-2024-21334-38f920ef","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/sock/selector.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["40086251044126985329878291460594342290","115571859281720928711278640824159544508","27227198204867798857433883462975949036","167719425397087030589095088443736109440","79620791178112573814705609060909971840","45137138683334773681652248406341600346","48964920218333186851182239724114811147","111530982635975867760616935241498327536","239885057547244452390839972143835374200","113642839703260389406649326130884765081","327681707332714380260500249675427736607","298089532962602413925927601912717679972"]}},{"id":"CVE-2024-21334-44e579c1","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"Sock_CreateLocalListener","file":"Unix/sock/sock.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":1069,"function_hash":"210630042453570680728240627771244829896"}},{"id":"CVE-2024-21334-6731a2a7","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"Batch_FixPointer","file":"Unix/base/batch.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":515,"function_hash":"110934388347971187079106684931775298809"}},{"id":"CVE-2024-21334-6ffdabe1","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"_ServerAuthenticateCallback","file":"Unix/http/httpauth.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":1702,"function_hash":"31773273585422771305117622502660874925"}},{"id":"CVE-2024-21334-78b93563","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"Selector_Run","file":"Unix/sock/selector.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":4068,"function_hash":"85307380515639270912321756049181647774"}},{"id":"CVE-2024-21334-8062fc24","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/base/batch.h"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["327520399869912064372945173928840872449","95927774119680500298733920899542478130","308320041563916589835018219871843172900","52229369420490782270845190677028318536"]}},{"id":"CVE-2024-21334-8896be4f","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"IsClientAuthorized","file":"Unix/http/httpauth.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":11362,"function_hash":"93059285036886124512525592239510304579"}},{"id":"CVE-2024-21334-93c204b1","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/server/servercommon.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["155410395429901194817535092053249286000","38318410630663470092193783728202331307","51826440986207213801801903483990610483"]}},{"id":"CVE-2024-21334-9eba667a","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/http/httpauth.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["143584720519740902651205602917761539848","56318084142612172166904874236737151048","36727508123179021005036104363854703799","155390040285407665309595631208337612633","192609452867045639469180488308497171338","122762830067430268060745337062010577883","335185075135176296808196040842588740109","255418716928942739852265815242094448110"]}},{"id":"CVE-2024-21334-a091800e","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/xml/xml.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["136057726127847187014409189186850292021","203571713183593824292029792636637600347","71225315725734883118431081212539904756","222257183983339497939553641065856825146"]}},{"id":"CVE-2024-21334-a272e93d","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/sock/selector.h"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["47577867004554112011822943405660947060","80796666862828592286159019693011118395","312716718690734698796645556936314338701"]}},{"id":"CVE-2024-21334-a7994507","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"_ProcessReceivedMessage","file":"Unix/protocol/protocol.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":4425,"function_hash":"77629846753683139161900750516326785979"}},{"id":"CVE-2024-21334-c0f87810","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/sock/sock.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["153702477135616783256800678213553825147","65956889984039644370283671745780188790","339704006630791077467025472700385532644","73116570232734525574688952150311794420","156324856563973194697154651095096699104","19061299018348537587349061181189619177","120083952588146720312098932687813258096","166242732051952112113317435080394478544"]}},{"id":"CVE-2024-21334-c445b3c5","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"_ReadHeader","file":"Unix/protocol/protocol.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":1979,"function_hash":"16512778668997431183111472815159565502"}},{"id":"CVE-2024-21334-c8e57085","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/base/batch.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["146257350122683594724556291149739411681","150097587191009550302558702611199768920","229111409642889830192702000513624162355","212839018260853812878589184312416868790","199432120648473306092850235651286941565","234631785632709409463033608155550642444","276638041691484337714013281651852567280","338687107658681040931212717099728486081"]}},{"id":"CVE-2024-21334-d06bf9bd","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/base/messages.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["293735672759476574646049407222947480852","86868371611955269112724458987911389513","44087322347934719285953228358280082910","152193692252015018182825442061416642909","38910306755131261806606744707241899488","72731643197383300493826863861687350589","251822173643711609223780696476749614290","70635684420629323387729669956158575094","224560057511671727884234523191497383913","223651462531481359840016679587816037338","231089645982332002057924207360402762220","112936037025739837061601916358364610208"]}},{"id":"CVE-2024-21334-dab3ae3a","deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"Unix/protocol/protocol.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"threshold":0.9,"line_hashes":["245788315057497120514438090922452017410","161979033648922961328884507819949609139","195970949431698232019382261207557423295","297626185105813231413286238204844601645","210766414832471625401665040062801811261","97498986947150479933344184542744306142","117897791369066291548698809898165898888","62710264665585549384033274159126258298","309893302978061487612330077993633877037","174411318885273714493598426557319564371","171830821180179242887166664883060954214","166428596423565919960647562778464970302","105356429498840939343973201449441292244","315451033512547881841732147488620089778","310766441197529170073377812022746732100","64506384319187936306863058721160236206"]}},{"id":"CVE-2024-21334-e5e5c5c0","deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"function":"XML_ParseCharFault","file":"Unix/xml/xml.c"},"source":"https://github.com/microsoft/omi/commit/3566da834bb3daa44742e383dd8024070e65fa76","digest":{"length":980,"function_hash":"255350834169405137678841614058576819301"}}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}