Design/Logic Flaw

2019-08-0117:15:00

PRIOn knowledge base

www.prio-n.com

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).

CPENameOperatorVersion
cpanelge67.9999.64
cpanellt68.0.27
cpanelge61.9999.55
cpanellt62.0.39
cpanelge65.9999.38
cpanellt66.0.35

Name	Operator	Version
cpanel	ge	67.9999.64
cpanel	lt	68.0.27
cpanel	ge	61.9999.55
cpanel	lt	62.0.39
cpanel	ge	65.9999.38
cpanel	lt	66.0.35

References

documentation.cpanel.net/display/CL/68+Change+Log

news.cpanel.com/cpanel-tsr-2018-0001-full-disclosure/