Multiple vulnerabilities in cPanel EasyApache



| Updated: 2024-12-13
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2024-52316
CVE-2024-52317
CVE-2024-52318
CWE-ID CWE-287
CWE-399
CWE-79
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
EasyApache
Server applications / Other server solutions

Vendor cPanel, Inc

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU100588

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-52316

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error when processing authentication requests. If Tomcat was configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not have failed, allowing the user to bypass the authentication process.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EasyApache: 4 2017-5-16 - 4

CPE2.3 External links

http://news.cpanel.com/easyapache4-2024-11-20-maintenance-and-security-release/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource management error

EUVDB-ID: #VU100587

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2024-52317

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to improper management of internal resources when handling HTTP/2 responses, which causes request and/or response mix-up between users. A remote non-authenticated attacker can send a series of HTTP/2 requests and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EasyApache: 4 2017-5-16 - 4

CPE2.3 External links

http://news.cpanel.com/easyapache4-2024-11-20-maintenance-and-security-release/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Cross-site scripting

EUVDB-ID: #VU100591

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-52318

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in generated JSPs. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

EasyApache: 4 2017-5-16 - 4

CPE2.3 External links

http://news.cpanel.com/easyapache4-2024-11-20-maintenance-and-security-release/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###