SB2019080112 - Multiple vulnerabilities in cPanel, cPanel
Published: August 1, 2019 Updated: July 17, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2016-10814)
The vulnerability allows a remote authenticated user to execute arbitrary code.
cPanel before 57.9999.54 allows demo-mode escape via show_template.stor (SEC-119).
2) Information disclosure (CVE-ID: CVE-2016-10815)
The vulnerability allows a remote authenticated user to gain access to sensitive information.
cPanel before 57.9999.54 allows arbitrary file-read operations for Webmail accounts via Branding APIs (SEC-120).
3) Input validation error (CVE-ID: CVE-2016-10816)
The vulnerability allows a remote authenticated user to execute arbitrary code.
cPanel before 57.9999.54 allows Webmail accounts to execute arbitrary code through forwarders (SEC-121).
4) SQL injection (CVE-ID: CVE-2016-10817)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data passed via the ModSecurity TailWatch log file (SEC-123). A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
5) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2016-10819)
The vulnerability allows a remote authenticated user to gain access to sensitive information.
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd (SEC-125).
Remediation
Install update from vendor's website.