CVE-2026-20967

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-20967
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20967 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:system_center_operations_manager:2019:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_1:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_1_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_2:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_2_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_3:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_3_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_4:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_4_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_5:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_5_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2019:update_rollup_6:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2022:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_1:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_1_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_2:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_2_hotfix:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2022:update_rollup_3:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2025:-:*:*:*:*:*:*
cpe:2.3:a:microsoft:system_center_operations_manager:2025:update_rollup_1:*:*:*:*:*:*
History

No history.

Information

Published : 2026-03-10 18:18

Updated : 2026-03-13 17:11

NVD link : CVE-2026-20967

Mitre link : CVE-2026-20967

CVE.ORG link : CVE-2026-20967

JSON object : View

Products Affected

microsoft

  • system_center_operations_manager
CWE
CWE-20

Improper Input Validation