CVE-2016-10791 - cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are

CVE-2016-10791

Summary

cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559).

References

https://documentation.cpanel.net/display/CL/60+Change+Log

Vulnerable Configurations

cpe:2.3:a:cpanel:cpanel:59.9999.58:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.58:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.63:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.63:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.70:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.70:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.73:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.73:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.78:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.78:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.86:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.86:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.89:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.89:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.99:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.99:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.111:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.111:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.119:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.119:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.130:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.130:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.134:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.134:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.137:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.137:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.145:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.145:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.149:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.149:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.157:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.157:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.161:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.161:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.164:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.164:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.167:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.167:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.169:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.169:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.171:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.171:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.173:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:59.9999.173:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.3:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.3:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.4:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.4:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.5:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.5:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.6:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.6:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.8:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.8:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.9:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.9:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.10:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.10:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.11:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.11:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.12:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.12:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.13:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.13:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.14:*:*:*:*:*:*:*
cpe:2.3:a:cpanel:cpanel:60.0.14:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 13-08-2019 - 15:17)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:P/A:N

refmap via4

confirm

https://documentation.cpanel.net/display/CL/60+Change+Log

Last major update

13-08-2019 - 15:17

Published

06-08-2019 - 14:15

Last modified

13-08-2019 - 15:17