cvedb.io
CVE-2022-36900
HIGH · CVSS 8.2
EPSS exploitation probability: 0%
Published 2022-07-27T15:15:09.777 · Last modified 2026-06-17T04:54:15.390

Summary

Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.

Affected products

jenkins — compuware_zadviser_api

Does this affect you?

Add your gear to cvedb and we'll alert you only when jenkins ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.