Approved changes feed: RSS · Atom
cpe:2.3:a:[unknown]:cfme:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | [Unknown] (5b07108a-8f0c-5d28-ab99-c4ff62adb460) |
|---|---|
| Product | Cfme (78fee737-e1b0-5c9d-b5e0-7e47cf9b4cbd) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-10905 |
vulnerable | 2026-06-03 14:38:00.413353 |
Details available
HIGH (7.8)
CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.
Published: 2018-07-24T13:00:00.000Z
Updated: 2024-08-05T07:54:36.246Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-7497 |
vulnerable | 2026-06-03 14:37:32.202000 |
Details available
MEDIUM (4.1)
The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant.
Published: 2018-07-27T15:00:00.000Z
Updated: 2024-08-05T16:04:11.900Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-5402 |
vulnerable | 2026-06-03 14:35:55.081655 |
Details available
HIGH (8.8)
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as.
Published: 2018-10-31T13:00:00.000Z
Updated: 2024-08-06T01:00:59.994Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.