Jenkins CompUware Topaz Utilities Plugin <1.0.8: Missing Permission Check
CVE-2022-36895 Published on July 27, 2022

A missing permission check in Jenkins Compuware Topaz Utilities Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins.

NVD

Products Associated with CVE-2022-36895

Want to know whenever a new CVE is published for Jenkins Compuware Topaz Utilities? stack.watch will email you.

Jenkins Compuware Topaz Utilities

Affected Versions

Jenkins project Jenkins Compuware Topaz Utilities Plugin:

Version unspecified, <= 1.0.8 is affected.

Exploit Probability

EPSS

0.29%

Percentile

52.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins CompUware Topaz Utilities Plugin <1.0.8: Missing Permission CheckCVE-2022-36895 Published on July 27, 2022

Products Associated with CVE-2022-36895

Affected Versions

Exploit Probability

Jenkins CompUware Topaz Utilities Plugin <1.0.8: Missing Permission Check
CVE-2022-36895 Published on July 27, 2022