{"uuid": "32f69748-0d25-4fa5-8ad6-b12f4366c72f", "vulnerability": {"vulnId": "CVE-2021-38647", "altId": []}, "gcve": {"origin_uuid": "caeb2787-0d58-4236-9039-7c86c3e566f3", "object_uuid": "32f69748-0d25-4fa5-8ad6-b12f4366c72f"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2021-11-03T00:00:00+00:00"}, "timestamps": {"asserted_at": "2021-11-03T00:00:00+00:00", "recorded_at": "2026-06-23T11:11:17+00:00", "first_seen_at": "2021-11-03T00:00:00+00:00"}, "scope": {"notes": "KEVIntel entry: Open Management Infrastructure Remote Code Execution Vulnerability | Affected: Microsoft / Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub | CVSS: 9.8 (CRITICAL) | Used in malware: yes | Not yet in CISA KEV: False"}, "evidence": [{"type": "public_report", "source": "kevintel", "signal": "confirmed_compromise", "confidence": 0.7, "details": {"feed": "KEVIntel (kevintel.com)", "title": "Open Management Infrastructure Remote Code Execution Vulnerability", "vendor": "Microsoft", "product": "Open Management Infrastructure, System Center Operations Manager (SCOM), Azure Automation State Configuration, DSC Extension, Azure Automation Update Management, Log Analytics Agent, Azure Diagnostics (LAD), Container Monitoring Solution, Azure Security Center, Azure Sentinel, Azure Stack Hub", "added_date": "2021-11-03T00:00:00.000Z", "cvss_score": 9.8, "epss_score": null, "cvss_severity": "CRITICAL", "epss_percentile": null, "used_in_malware": "yes", "ahead_of_cisa_kev": null, "not_yet_in_cisa_kev": false}}], "references": [{"id": "CVE-2021-38647", "url": "https://www.cve.org/CVERecord?id=CVE-2021-38647"}, {"id": "kevintel", "url": "https://kevintel.com/vuln/CVE-2021-38647"}]}