This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 15%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBR%3C/text%3E%3C/svg%3E)
Does anybody know if this issue on the omi agent has the same impact on the scom agent which also uses omi?
And if true, if there's an updated version underway?
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647
The vulnerability is fixed in the OMI version 1.6.8.1 which can be found on GitHub, they have also updated the Microsoft repo so you can update it from there as well.
Linux Software Repository for Microsoft Products
https://learn.microsoft.com/en-us/windows-server/administration/Linux-Package-Repository-for-Microsoft-Software
----------
If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!
Best regards,
Leon
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 84%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHK%3C/text%3E%3C/svg%3E)
How can I check the omiserver version in RHEL 7?
/opt/omi/bin/omiserver --version
thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(22.400000000000002, 26%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Does the hotfix update require updating the agents to new versions aswell? Or will the current version for the UR3 remain?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 49%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAE%3C/text%3E%3C/svg%3E)
According to this yes it is vulnerable. But the latest release seems to be 1.6.8-1 on the repo after the fix was put in.
No updates for my test Centos 7 box yet as far as I can tell, still seems to be on 1.6.6
I've got an Ubuntu one somewhere as well, but I've been having some unrelated trouble connecting.
To follow up, it sounds like a manual patch at the moment. So grab the rpm or deb from the repository and apply.
Tnx, That's what i thought, hope a Microsoft emply can confirm this as well.