cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-36899,https://securityvulnerability.io/vulnerability/CVE-2022-36899,Denial of Access in Jenkins Compuware ISPW Operations Plugin by Jenkins,"The Jenkins Compuware ISPW Operations Plugin version 1.0.8 and earlier contains a security flaw that fails to restrict the execution of controller/agent messages solely to authorized agents. This oversight allows an attacker who can control the agent processes to access sensitive Java system properties, potentially compromising the security integrity of affected systems. It is crucial for users to update their plugins to mitigate risks associated with this vulnerability. For further information, refer to the official Jenkins security advisory.",Jenkins,Jenkins Compuware Ispw Operations Plugin,8.2,HIGH,0.0006600000197067857,false,,false,false,false,,,false,false,,2022-07-27T14:24:38.000Z,0
CVE-2022-36898,https://securityvulnerability.io/vulnerability/CVE-2022-36898,Missing Permission Check in Jenkins Compuware ISPW Operations Plugin,"The Jenkins Compuware ISPW Operations Plugin prior to version 1.0.8 has a flaw that allows users with Overall/Read permission to extract sensitive information. This includes enumerating hosts and ports of Compuware configurations as well as credential IDs stored within Jenkins. Without adequate permission checks, this vulnerability could lead to unauthorized disclosure of critical configuration data.",Jenkins,Jenkins Compuware Ispw Operations Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-07-27T14:24:25.000Z,0