Jenkins Compuware ISPW Ops Plugin 1.0.8: Exec Leak of Agent Sys Props
CVE-2022-36899 Published on July 27, 2022

Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.

NVD

Affected Versions

Jenkins project Jenkins Compuware ISPW Operations Plugin:

Version unspecified, <= 1.0.8 is affected.

Exploit Probability

EPSS

0.39%

Percentile

60.44%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins Compuware ISPW Ops Plugin 1.0.8: Exec Leak of Agent Sys PropsCVE-2022-36899 Published on July 27, 2022

Affected Versions

Exploit Probability

Jenkins Compuware ISPW Ops Plugin 1.0.8: Exec Leak of Agent Sys Props
CVE-2022-36899 Published on July 27, 2022