返回 CVE 浏览器

CVE-2017-18389

MEDIUM

6.3

CVSS Severity Score

EPSS Score0.1460%

EPSS Percentile20.35th

Published2019年8月2日

Last Modified2024年11月21日

Vulnerability Description

cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).

Affected Platforms (CPE)

📦

Cpanel

Cpanel

>= 63.9999.74 and < 64.0.42

📦

Cpanel

Cpanel

>= 65.9999.38 and < 66.0.34

📦

Cpanel

Cpanel

>= 67.9999.64 and < 68.0.15

References & Advisories

🔗 https://documentation.cpanel.net/display/CL/68+Change+Log

🔗 https://news.cpanel.com/cpanel-tsr-2017-0006-full-disclosure/

🔗 https://documentation.cpanel.net/display/CL/68+Change+Log

相关漏洞威胁

CVE-2004-176910.0

The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows rem...

CVE-2004-177010.0

The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metachar...

CVE-2003-142510.0

guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.

CVE-2015-284410.0

The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary com...