cPanel vulnerability - TSR-2016-0001 Announcement Posted by on 28 January 2016 11:23 AM
|
|
The cPanel security team has identified several security concerns in their control panel software. They have released patches to address all these security concerns with the cPanel and WHM product. This patch addresses 20 vulnerabilities in cPanel & WHM software versions 11.54, 11.52, 11.50, and 11.48.
For more details regarding this announcement, please check the following article :- https://forums.cpanel.net/threads/cpanel-tsr-2016-0001-announcement.520741/
Whom does it affect?
We have made the necessary changes on all our shared hosting servers. If you have bought a VPS / Dedicated Server with cPanel addon added to it, then you need to read through the instructions mentioned below.
What do you need to know?
If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly recommend you to update your cPanel & WHM installations at your earliest convenience.
You need to update the cPanel to non-vulnerable versions :- The following cPanel & WHM versions address all known vulnerabilities:
11.54.0.4 & Greater 11.52.2.4 & Greater 11.50.4.3 & Greater 11.48.5.2 & Greater
Note : You can find the cPanel version either from WHM front-end interface at the top or by running the command “/usr/local/cpanel/cpanel -V” via command line interface (through SSH).
How do you update the cPanel version?
#/scripts/upcp --force
For more details regarding the cPanel upgrade, please check this link - https://documentation.cpanel.net/display/1142Docs/Upgrade+to+Latest+Version
If you have managed dedicated server and if there is any difficulty in upgrading the cPanel version, please open a ticket with the support team along with the dedicated server root user login credentials.
Incase you have any questions please reach out to the Support Team immediately.
| |
|