Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2017-18425

In cPanel before 66.0.2, the cpdavd_error_log file can be created with weak permissions (SEC-280).

  • Published: Aug 2, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-18425
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 2.5
  • AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 1.9
  • AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
cpanel / cpanel 64.0.0 64.0.33
cpanel / cpanel 58.0.3 58.0.52
cpanel / cpanel 60.0.3 60.0.45
cpanel / cpanel 56.0.1 56.0.51
cpanel / cpanel 66.0.1 66.0.2
cpanel / cpanel 62.0.1 62.0.27