CVE-2022-36898

A missing permission check in Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins...

CVE-2022-36897

A missing permission check in Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins...

CVE-2022-36897

Summary: Jenkins Compuware Xpediter Code Coverage Plugin

CVE-2022-36896

CVE-2022-36896 affects the Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin (versions 2.0.12 and earlier). The root cause is a missing permission check on several HTTP endpoints, enabling attackers with Overall/Read permission to enumerate Compuware hosts/ports and credent...

CVE-2022-36896

A missing permission check in Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin 2.0.12 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins...

CVE-2022-36895

A missing permission check in Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins...

CVE-2022-36895

CVE-2022-36895 affects Jenkins Compuware Topaz Utilities Plugin (versions 1.0.8 and earlier). The vulnerability is a missing permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs sto...

Jenkins Compuware Xpediter Code Coverage Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Jenkins Compuware ISPW Operations Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Jenkins Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

PT-2022-4020 · Jenkins · Jenkins Compuware Source Code Download For Endevor +1

Name of the Vulnerable Software and Affected Versions: Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin versions 2.0.12 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware...

PT-2022-4018 · Compuware +1 · Jenkins Compuware Ispw Operations Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Compuware ISPW Operations Plugin versions 1.0.8 and earlier Description: The issue is related to the Jenkins Compuware ISPW Operations Plugin, which does not restrict the execution of a controller/agent message to agents. This allows...

PT-2022-4028 · Compuware +1 · Jenkins Compuware Zadviser Api Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Compuware zAdviser API Plugin versions 1.0.3 and earlier Description: The issue is related to a flaw in the data protection mechanism of the Jenkins Compuware zAdviser API Plugin. This flaw can be exploited by a remote attacker to gai...

appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), com.compuware.jenkins:compuware-common-configuration (>=1.0.6 <=1.0.11) +83 more potentially affected by CVE-2016-3726 via org.jenkins-ci.main:jenkins-core (>=1.652 <=2.29)

org.jenkins-ci.main:jenkins-core MAVEN version =1.652, =1.0, =1.0.6, =2.0.0, =2.0, =1.0.2, =1.0.0, =0.1.0, =0.1.0, =2.30.2, =1.2.0, =1.1.0, =0.17, =1.1.7, =1.2, =1.7 and more Source cves: CVE-2016-3726 Source advisory: OSV:GHSA-RX4R-GXPC-H85X...

appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), com.compuware.jenkins:compuware-common-configuration (>=1.0.6 <=1.0.11) +83 more potentially affected by CVE-2016-3727 via org.jenkins-ci.main:jenkins-core (>=1.652 <=2.29)

org.jenkins-ci.main:jenkins-core MAVEN version =1.652, =1.0, =1.0.6, =2.0.0, =2.0, =1.0.2, =1.0.0, =0.1.0, =0.1.0, =2.30.2, =1.2.0, =1.1.0, =0.17, =1.1.7, =1.2, =1.7 and more Source cves: CVE-2016-3727 Source advisory: OSV:GHSA-6CR3-CM5H-8Q96...

CVE-2005-3034

Compuware DriverStudio Remote Control service DSRsvc.exe 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session...

CVE-2005-3035

Compuware DriverStudio Remote Control service DSRsvc.exe 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service reboot via a UDP packet sent directly to port 9110...

CVE-2005-3034

Compuware DriverStudio Remote Control service DSRsvc.exe 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session...

CVE-2005-3034

CVE-2005-3034 affects the Compuware DriverStudio Remote Control service (DSRsvc.exe) versions 2.7 and 3.0 beta 2. The root cause is an authentication bypass through a null session, enabling remote attackers to access the service without valid credentials. The CVE is documented across multiple sou...

CVE-2005-3035

CVE-2005-3035 affects Compuware DriverStudio Remote Control service (DSRsvc.exe) versions 2.7 and 3.0 beta 2. An attacker can trigger a denial of service (reboot) by sending a UDP packet directly to port 9110. The available sources (NVD, Red Hat advisory, CVE listing) confirm the same impact but ...