Missing Permission Checks in Jenkins Compuware Xpediter Plugin <=1.0.7
CVE-2022-36897 Published on July 27, 2022

A missing permission check in Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins.

NVD

Products Associated with CVE-2022-36897

Want to know whenever a new CVE is published for Jenkins Compuware Xpediter Code Coverage? stack.watch will email you.

Jenkins Compuware Xpediter Code Coverage

Affected Versions

Jenkins project Jenkins Compuware Xpediter Code Coverage Plugin:

Version unspecified, <= 1.0.7 is affected.

Exploit Probability

EPSS

0.29%

Percentile

52.79%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Missing Permission Checks in Jenkins Compuware Xpediter Plugin <=1.0.7CVE-2022-36897 Published on July 27, 2022

Products Associated with CVE-2022-36897

Affected Versions

Exploit Probability

Missing Permission Checks in Jenkins Compuware Xpediter Plugin <=1.0.7
CVE-2022-36897 Published on July 27, 2022