Skip to main content

Compuware Topaz For Total Test

4 CVEs product

Monthly

CVE-2022-43430 Maven HIGH PATCH This Week

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Jenkins Compuware Topaz For Total Test
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-43429 Maven HIGH This Week

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Compuware Topaz For Total Test
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-43428 Maven MEDIUM PATCH This Month

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Jenkins Compuware Topaz For Total Test
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-43427 Maven MEDIUM PATCH This Month

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Compuware Topaz For Total Test
NVD
CVSS 3.1
4.3
EPSS
0.5%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Jenkins Compuware Topaz For Total Test
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Compuware Topaz For Total Test
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Jenkins +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Compuware Topaz For Total Test
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy