cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-43423,https://securityvulnerability.io/vulnerability/CVE-2022-43423,Jenkins Compuware Source Code Plugin Vulnerability Exposes Sensitive Java Properties,"The Jenkins Compuware Source Code Download plugin prior to version 2.0.13 is susceptible to an improper access control vulnerability. This issue arises from an unrestricted execution of agent/controller messages. Consequently, attackers with control over agent processes might exploit this flaw to access sensitive Java system properties from the Jenkins controller process. This vulnerability could lead to exposure of critical configuration details, enhancing the risk of further attacks.",Jenkins,"Jenkins Compuware Source Code Download For Endevor, Pds, And Ispw Plugin",5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2022-10-19T00:00:00.000Z,0
CVE-2022-36896,https://securityvulnerability.io/vulnerability/CVE-2022-36896,Jenkins Compuware Plugin Vulnerability Exposes Configuration and Credential Details,"A missing permission check in the Jenkins Compuware Source Code Download for Endevor, PDS, and ISPW Plugin prior to version 2.0.12 could allow attackers with Overall/Read permissions to enumerate sensitive configurations, including host and port details, and access stored credentials IDs. This flaw poses risks to the integrity and confidentiality of Jenkins setups that leverage this plugin, potentially exposing critical information to unauthorized users.",Jenkins,"Jenkins Compuware Source Code Download For Endevor, Pds, And Ispw Plugin",6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2022-07-27T14:23:58.000Z,0