cPanel TSR-2018-0006 Full Disclosure

N

Nick Jackson

Guest
cPanel TSR-2018-0006 Full Disclosure SEC-366 Summary PostgreSQL password changes performed in an insecure manner. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 4.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Description When using the WHM ‘Configure PostgreSQL’ interface to change the primary PostgreSQL password, it was possible for unauthorized users to log into …

Continue reading...
 
Top