{"id":13150,"date":"2019-09-18T08:18:18","date_gmt":"2019-09-18T08:18:18","guid":{"rendered":"http:\/\/news.cpanel.com\/?p=57543"},"modified":"2019-09-18T08:18:18","modified_gmt":"2019-09-18T08:18:18","slug":"cpanel-tsr-2019-0005-full-disclosure","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cpanel-tsr-2019-0005-full-disclosure\/","title":{"rendered":"cPanel TSR-2019-0005 Full Disclosure"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/news.cpanel.com\/wp-content\/uploads\/2017\/01\/og-cPnews-1.jpg\" class=\"ff-og-image-inserted\" alt=\"\" title=\"\"><\/div>\n<p>Yesterday&nbsp;<a href=\"https:\/\/news.cpanel.com\/tsr-2019-0005-announcement\/\" target=\"_blank\" rel=\"noopener\">cPanel released<\/a>&nbsp;new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel &amp; WHM product. Below is the full disclosure of the changes included in that update.<\/p>\n<p>Information on cPanel\u2019s security ratings is available at&nbsp;<a href=\"https:\/\/go.cpanel.net\/securitylevels\" target=\"_blank\" rel=\"noopener\">https:\/\/go.cpanel.net\/securitylevels<\/a>.<\/p>\n<p>If your deployed cPanel &amp; WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel &amp; WHM installations at your earliest convenience.<\/p>\n<p><strong>SEC-528<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>Self-XSS Vulnerability in the WHM Update Preferences<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>Error messages in the WHM Update Preferences interface were interpreted as Angular markup. These messages included input data provided by the user.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.82.0.15<br \/>11.78.0.39<\/p>\n<p><strong>SEC-517<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>cPanel API token credentials remain after account rename or termination.<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 8.0 CVSS:3.0\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:H\/I:H\/A:H<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>When a cPanel user\u2019s account was renamed or terminated, the API tokens belonging to the account were left installed on the system under the old name. Any new accounts created with the same name would allow access to the previous account\u2019s API tokens.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.82.0.15<\/p>\n<p><strong>SEC-526<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>Self-XSS Vulnerability in cPanel SSL Key Delete<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>When deleting an SSL key, the user is prompted to remove associated SSL certificates. The certificate name was not adequately encoded in this prompt.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.82.0.15<br \/>11.78.0.39<\/p>\n<p><strong>SEC-527<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>Self-Stored XSS Vulnerability in WHM SSL Storage Manager<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>The WHM SSL Storage Manager interface allows resellers to manage their own SSL certificates and keys. The friendly_name field of displayed SSL keys was not adequately encoded in this interface.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.82.0.15<br \/>11.78.0.39<\/p>\n<p><strong>SEC-524<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>XSS Vulnerabilities in cPanel LiveAPI example scripts.<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>The cPanel LiveAPI example scripts output multiple sets of data from the environment and cPanel runtime. This output was not adequately encoded.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.82.0.15<br \/>11.78.0.39<\/p>\n<p><strong>SEC-521<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>Self-XSS Vulnerability in cPanel SSL Certificate Upload<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 4.7 CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>When uploading an SSL certificates using the cPanel SSL Certificate Upload interface, the common name was not adequately encoded in the success message.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.82.0.15<br \/>11.78.0.39<\/p>\n<p><strong>SEC-503<\/strong><\/p>\n<p><strong>Summary<\/strong><\/p>\n<p>Demo account code execution via Chrome::get_dom UAPI function.<\/p>\n<p><strong>Security Rating<\/strong><\/p>\n<p>cPanel has assigned this vulnerability a CVSSv3 score of 7.3 CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L<\/p>\n<p><strong>Description<\/strong><\/p>\n<p>The get_dom function in the Chrome UAPI module did not validate inputs properly. This could be misused by demo logins to execute arbitrary code embedded in Template Toolkit files.<\/p>\n<p><strong>Credits<\/strong><\/p>\n<p>This issue was discovered by the cPanel Security Team.<\/p>\n<p><strong>Solution<\/strong><\/p>\n<p>This issue is resolved in the following builds:<br \/>11.78.0.39<\/p>\n<p>For the PGP-signed message, please see: <a href=\"http:\/\/news.cpanel.com\/wp-content\/uploads\/2019\/09\/TSR-2019-0005.disclosure.signed.txt\" target=\"_blank\" rel=\"noopener\">TSR-2019-0005.disclosure.signed.txt<\/a>.<\/p>\n<p> \u0645\u062f\u06cc\u0631\u06cc\u062a \u0633\u0631\u0648\u0631 \u067e\u0634\u062a\u06cc\u0628\u0627\u0646\u06cc \u0648 \u0645\u0634\u0627\u0648\u0631\u0647 &#8211; \u062b\u0628\u062a \u062f\u0627\u0645\u0646\u0647<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday&nbsp;cPanel released&nbsp;new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel &amp; WHM product. Below is the full disclosure of the changes included in that update. Information on cPanel\u2019s security ratings is available at&nbsp;https:\/\/go.cpanel.net\/securitylevels. If your deployed cPanel &amp; WHM servers are configured to automatically update &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-13150","post","type-post","status-publish","format-standard","hentry","category-cpanel-news"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/13150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=13150"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/13150\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=13150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=13150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=13150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}