Vulnerabilities > CVE-2022-36899 - Unspecified vulnerability in Jenkins Compuware Ispw Operations

047910
CVSS 8.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
jenkins

Summary

Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.