Digital Defense announced today that they had uncovered a vulnerability affecting the cPanel and WebHost Manager (WHM) software. Until recently, the software exhibited a flaw that would allow bypassing of two-factor authentication (2FA). This would make the software vulnerable to brute force attacks.
How does this vulnerability affect our clients? It doesn’t. And here is why not:
- Our server firewall software has an intrusion detection system that stops brute force attacks in their tracks. Even if cPanel and WHM were vulnerable to the published flaw, attackers would not have had any success with our servers.
- We regularly update our cPanel and WHM installations. In this case, the new version that fixes the vulnerability was already installed by the time news of it was published.
- Digital Defense Inc’s statement: https://www.digitaldefense.com/news/zero-day-cpanel-and-webhost-manager
- cPanel Inc’s disclosure: https://news.cpanel.com/cpanel-tsr-2020-0007-full-disclosure
What you have to do:
- If you have two-factor authentication enabled, then you need not do anything.
- If you do not have two-factor authentication configured, we strongly recommend you do so. It will provide a valuable additional layer of security for your website and email.