Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:13 p.m.7 views

CVE-2022-36899

Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...

8.2CVSS6.8AI score0.0085EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/08/10 12:0 a.m.8 views

The vulnerability of the Jenkins Compuware ISPW Operations Plugin, related to deficiencies in authentication procedures, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins Compuware ISPW Operations Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00581EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/28 12:0 a.m.23 views

GHSA-57F2-52WJ-7VJ6 Agent-to-controller security bypass in Jenkins BMC Compuware ISPW Operations plugin

BMC Compuware ISPW Operations Plugin defines a controller/agent message that retrieves Java system properties. BMC Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of the controller/agent message to agents. This allows attackers able to control agent processes to...

4.3CVSS8.2AI score0.0085EPSS
Exploits0References4
CVE
CVE
added 2022/07/27 2:24 p.m.118 views

CVE-2022-36898

CVE-2022-36898 affects Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier. The vulnerability is a missing permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs stored in Jenkins. T...

4.3CVSS4.4AI score0.00581EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder