#VU4863 Weak password in cPanel
Vulnerability identifier: #VU4863
Vulnerability risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-521
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
cPanel
Web applications /
Remote management & hosting panels
Vendor: cPanel, Inc
Description
The vulnerability allows a remote attacker to gain unauthorized access to database.
The Munin monitoring tool includes a plugin to check the status of the MySQL service. This plugin used a dedicated test MySQL user to provide this functionality. The password set for this user was identical to the username. In cPanel’s current configuration of Munin, this MySQL user is no longer required and has been removed.
Successful exploitation of this vulnerability may allow an attacker to gain unauthorized access to MySQL database.
Mitigation
This issue is resolved in the following builds:
62.0.4
60.0.35
58.0.43
56.0.43
54.0.36
Vulnerable software versions
cPanel: 11.54.0.0 - 11.62.0.2
External links
http://news.cpanel.com/tsr-2017-0001-full-disclosure/ (SEC-196)
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
