Vulnerabilities > Jenkins > Compuware Ispw Operations
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-27 | CVE-2022-36898 | Missing Authorization vulnerability in Jenkins Compuware Ispw Operations A missing permission check in Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. | 4.3 |
| 2022-07-27 | CVE-2022-36899 | Unspecified vulnerability in Jenkins Compuware Ispw Operations Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | 8.2 |