CVE-2018-10905

EPSS 0.11% · P29 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-10905

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

访问控制不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat CloudForms Management Engine 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Red Hat CloudForms Management Engine（CFME）是美国红帽（Red Hat）公司的一个IaaS（基础设施即服务）云服务解决方案的管理引擎。 Red Hat CFME中的dRuby存在安全漏洞，该漏洞源于不正确的安全设置。攻击者可利用该漏洞以较高的特权用户身份执行命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
[UNKNOWN]	cfme	n/a	-

II. Public POCs for CVE-2018-10905

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-10905

请登录查看更多情报信息。

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10905x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:2745vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2561vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2018-10905

IV. Related Vulnerabilities

Same product: cfme

Same vendor: [UNKNOWN]

Same weakness: CWE-284

V. Comments for CVE-2018-10905

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-10905

I. Basic Information for CVE-2018-10905

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-10905

III. Intelligence Information for CVE-2018-10905

IV. Related Vulnerabilities

V. Comments for CVE-2018-10905

Leave a comment