| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS15-086 | Vulnerability in System Center Operations Manager Could Allow Elevation of Privilege (3075158) | Microsoft System | Important | 12-08-2015 |
Technical Information
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft System Center Operations Manager. The vulnerability could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes users to the affected website.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in Microsoft System Center Operations Manager that is caused by the improper validation of input. An attacker who successfully exploited this vulnerability could inject a client-side script into the user’s browser. The script could spoof content, disclose information, or take any action that the user could take on the affected website on behalf of the targeted user.
Microsoft System Center 2012 Operations ManagerFurther information on this exploit is available at : MS15-086
Microsoft System Center 2012 Operations Manager R2
Affected Software
Microsoft System Center 2012 Operations ManagerMicrosoft System Center 2012 Operations Manager R2