CVE-2022-43430

Severity

7.5HIGH

EPSS

4.4%

top 10.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 19

Description

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

CVEList

CVE-2022-43430: Jenkins Compuware Topaz for Total Test Plugin 2↗2022-10-19

▶

OSV

XXE vulnerability in Jenkins Compuware Topaz for Total Test Plugin↗2022-10-19

▶

GHSA

XXE vulnerability in Jenkins Compuware Topaz for Total Test Plugin↗2022-10-19

▶

Jenkins

Jenkins Security Advisory 2022-10-19↗2022-10-19

▶