Root Account File-Rename Vulnerability in cPanel (SEC-254)

Root Account File-Rename Vulnerability in cPanel (SEC-254)

CVE-2017-18449 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

cPanel before 64.0.21 allows certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254).

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.