I ran a PCI scan on a cPanel server that I'm managing. One of the failed results showed this:
Does cPanel have a patch or an update to version 8.8 ?
Thanks!
-----------------------------
OpenSSH Privilege Escalation Vulnerability
THREAT: OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol.
Affected Versions: OpenSSH 6.2 through 8.7
QID Detection Logic: This unauthenticated detection works by reviewing the version of the OpenSSH service.
IMPACT: Attack may lead to privilege escalation due to supplemental groups not initialized.
SOLUTION:
Customers are advised to upgrade to OpenSSH 8.8 (https://www.openssh.com/txt/release-8.8) or later to remediate these vulnerabilities.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
CVE-2021-41617 (https://www.openssh.com/txt/release-8.8)
Does cPanel have a patch or an update to version 8.8 ?
Thanks!
-----------------------------
OpenSSH Privilege Escalation Vulnerability
THREAT: OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol.
Affected Versions: OpenSSH 6.2 through 8.7
QID Detection Logic: This unauthenticated detection works by reviewing the version of the OpenSSH service.
IMPACT: Attack may lead to privilege escalation due to supplemental groups not initialized.
SOLUTION:
Customers are advised to upgrade to OpenSSH 8.8 (https://www.openssh.com/txt/release-8.8) or later to remediate these vulnerabilities.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
CVE-2021-41617 (https://www.openssh.com/txt/release-8.8)