Jenkins Compuware zAdviser API Plugin <=1.0.3 Agent RCE
CVE-2022-36900 Published on July 27, 2022

Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.

NVD

Affected Versions

Jenkins project Jenkins Compuware zAdviser API Plugin:

Version unspecified, <= 1.0.3 is affected.

Exploit Probability

EPSS

0.39%

Percentile

60.44%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Jenkins Compuware zAdviser API Plugin <=1.0.3 Agent RCECVE-2022-36900 Published on July 27, 2022

Affected Versions

Exploit Probability

Jenkins Compuware zAdviser API Plugin <=1.0.3 Agent RCE
CVE-2022-36900 Published on July 27, 2022