Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

cPanel Remote Privilege Escalation vulnerability

Medium

Synopsis

The remote host is vulnerable to a remote 'privilege escalation' flaw

Description

The remote host is running cpanel, a web-hosting control panel. The remote version of this software is vulnerable to a flaw wherein users can gain Administrative access. The root of the flaw is in the way that this version of cPanel allows new user accounts to access the root directory. An attacker, exploiting this flaw, would need the ability to authenticate and the ability to create a new user. Successful exploitation would result in the attacker gaining administrative access.

Solution

Upgrade to version greater than 11.18.4