AttackerKBAKB:E662D20B-9532-40DF-8E2C-DF1C335C3437CVE-2023-29489
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.004 Low
EPSS
Percentile
73.4%
An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31.
Recent assessments:
cbeek-r7 at October 17, 2023 7:31am UTC reported:
A cross-site scripting vulnerability was identified in Cpanel with the ability to be exploited without requiring authentication. Furthermore, the XSS vulnerability remains exploitable, even if the cPanel management ports (2080, 2082, 2083, 2086) are not exposed externally. This implies that if your website is managed through cPanel, it may be vulnerable to cross-site scripting on ports 80 and 443.
This vulnerabilityβs allows us to execute arbitrary JavaScript without the need for authentication on nearly all webserver ports when using cPanel in its default configuration. Even on ports 80 and 443, one can access the /cpanelwebcall/ directory since it is being proxied to the cPanel management ports by Apache.
Consequently, an attacker can not only target the cPanel management ports but also the applications running on ports 80 and 443.
Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 5
Related
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.004 Low
EPSS
Percentile
73.4%