{"id":63825,"date":"2023-10-11T11:30:05","date_gmt":"2023-10-11T16:30:05","guid":{"rendered":"https:\/\/blog.cpanel.com\/?p=63825"},"modified":"2023-10-11T11:30:05","modified_gmt":"2023-10-11T16:30:05","slug":"cpanel-vulnerability-report-no-actions-required-by-default","status":"publish","type":"post","link":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/","title":{"rendered":"cPanel Vulnerability Report: No Actions Required by Default"},"content":{"rendered":"\n<p>Just a few days ago, Zero Day Initiative (ZDI) publicly disclosed not one, not two, but six Zero-Day vulnerabilities in the widely-used Exim mail server. These vulnerabilities have been lurking in the shadows since their discovery in June 2022, when precautionary steps were taken to release patches for Exim and libspf2. Now, the vulnerabilities are finally unraveled. And spoiler alert, you are totally safe!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>No Action Required by Default on Your End<\/strong><\/h2>\n\n\n\n<p>At cPanel, we prioritize the security of your hosting environments. Therefore, we provide you with important information regarding the recent Zero-Day vulnerabilities that have been disclosed for Exim, the message transfer agent (MTA) used on millions of systems worldwide.<\/p>\n\n\n\n<p>Based on our latest risk assessment and understanding of the defect reports, <strong>no further action is required from your side<\/strong>. Further changes in cPanel &amp; WHM of any version are not needed.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>What is Exim?<\/strong><\/h2>\n\n\n\n<p>Exim serves as a robust message transfer agent (MTA) initially created at the University of Cambridge for Unix systems that maintain internet connectivity. This versatile MTA boasts a widespread presence across millions of systems globally and has a track record of encountering noteworthy security challenges.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Risk Assessment: Understanding the Zero-Day Disclosures<\/strong><\/h2>\n\n\n\n<p>Here is what we currently know about the Zero-Day vulnerabilities recently disclosed through the Zero Day Initiative (ZDI):<\/p>\n\n\n\n<p><a href=_-152.html target=\"_blank\" rel=\"noopener\" title=\"\"><strong>CVE-2023-42115<\/strong><\/a><strong>:<\/strong><br>Exim addressed issues specific to external authentication. <strong>If you are using cPanel Exim with the default settings, you are not vulnerable<\/strong> to this issue unless the &#8216;external&#8217; authentication driver is explicitly enabled.<\/p>\n\n\n\n<p><a href=_-153.html target=\"_blank\" rel=\"noopener\" title=\"\"><strong>CVE-2023-42114<\/strong><\/a><strong> <\/strong>&amp;<strong> <\/strong><a href=_-154.html target=\"_blank\" rel=\"noopener\" title=\"\"><strong>CVE-2023-42116<\/strong><\/a><strong>:<\/strong><br>Exim fixed vulnerabilities related to SPA (Secure Password Authentication) and NTLM (NT LAN Manager). By default, cPanel Exim is <strong>not vulnerable to these issues unless the &#8216;SPA&#8217; authentication driver is activated.<\/strong><\/p>\n\n\n\n<p><a href=_-155.html target=\"_blank\" rel=\"noopener\" title=\"\"><strong>CVE-2023-42117<\/strong><\/a><strong>:<\/strong><br>There is a known defect related to proxy protocol usage in Exim. This <strong>only poses a risk if your mail traffic is being proxied to your server<\/strong>, and the proxy is untrusted. We recommend verifying the trustworthiness of your proxy.<\/p>\n\n\n\n<p><a href=_-156.html target=\"_blank\" rel=\"noopener\" title=\"\"><strong>CVE-2023-42118<\/strong><\/a><strong>:<\/strong><br>A vulnerability related to libspf2 has been patched by cPanel to protect against integer underflow. However, due to limited details in ZDI&#8217;s reports, the exact nature of the problem remains unknown.<\/p>\n\n\n\n<p><a href=_-157.html target=\"_blank\" rel=\"noopener\" title=\"\"><strong>CVE-2023-42119<\/strong><\/a><strong>:<\/strong><br>Another unknown issue has been reported, this time related to dnsdb, cPanel Exim builds with dnsdb in version 102 and later. If you do not use smart hosts, you are not at risk. However, <strong>if you have manually added a dnsdb configuration in any version of cPanel &amp; WHM, please review your settings<\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Your Safety First<\/strong><\/h2>\n\n\n\n<p>Your security is of utmost importance to us, and we will continue to monitor this situation closely. Rest assured, our team is dedicated to keeping your hosting environments secure and up-to-date.<\/p>\n\n\n\n<p>If you have any questions or concerns about any potential vulnerabilities or any other security-related matters, please do not hesitate to reach out to our support team. We are here to assist you in every way.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Just a few days ago, Zero Day Initiative (ZDI) publicly disclosed not one, not two, but six Zero-Day vulnerabilities in the widely-used Exim mail server. These vulnerabilities have been lurking in the shadows since their discovery in June 2022, when precautionary steps were taken to release patches for Exim and libspf2. Now, the vulnerabilities are [&hellip;]<\/p>\n","protected":false},"author":77,"featured_media":65965,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[49,2281],"tags":[805,1801,2313],"class_list":["post-63825","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","category-security","tag-exim","tag-security","tag-vulnerability-report"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>cPanel Vulnerability Report: No Actions Required by Default | cPanel<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=_-219.html \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"cPanel Vulnerability Report: No Actions Required by Default | cPanel\" \/>\n<meta property=\"og:description\" content=\"Just a few days ago, Zero Day Initiative (ZDI) publicly disclosed not one, not two, but six Zero-Day vulnerabilities in the widely-used Exim mail server. These vulnerabilities have been lurking in the shadows since their discovery in June 2022, when precautionary steps were taken to release patches for Exim and libspf2. Now, the vulnerabilities are [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/\" \/>\n<meta property=\"og:site_name\" content=\"cPanel\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cpanel\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-11T16:30:05+00:00\" \/>\n<meta name=\"author\" content=\"cPanel Community\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@cPanel\" \/>\n<meta name=\"twitter:site\" content=\"@cPanel\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"cPanel Community\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/\",\"url\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/\",\"name\":\"cPanel Vulnerability Report: No Actions Required by Default | cPanel\",\"isPartOf\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/#website\"},\"datePublished\":\"2023-10-11T16:30:05+00:00\",\"dateModified\":\"2023-10-11T16:30:05+00:00\",\"author\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8\"},\"breadcrumb\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/devel.www.cpanel.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"cPanel Vulnerability Report: No Actions Required by Default\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#website\",\"url\":\"https:\/\/devel.www.cpanel.net\/\",\"name\":\"cPanel\",\"description\":\"Hosting Platform of Choices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/devel.www.cpanel.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8\",\"name\":\"cPanel Community\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g\",\"caption\":\"cPanel Community\"},\"description\":\"The web hosting industry's most reliable management solution since 1997. With our first-class support and rich feature set, it's easy to see why our customers and partners make cPanel &amp; WHM their hosting platform of choice. For more information, visit cPanel.net.\",\"sameAs\":[\"https:\/\/cpanel.net\"],\"url\":\"https:\/\/devel.www.cpanel.net\/blog\/author\/cpadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"cPanel Vulnerability Report: No Actions Required by Default | cPanel","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/","og_locale":"en_US","og_type":"article","og_title":"cPanel Vulnerability Report: No Actions Required by Default | cPanel","og_description":"Just a few days ago, Zero Day Initiative (ZDI) publicly disclosed not one, not two, but six Zero-Day vulnerabilities in the widely-used Exim mail server. These vulnerabilities have been lurking in the shadows since their discovery in June 2022, when precautionary steps were taken to release patches for Exim and libspf2. Now, the vulnerabilities are [&hellip;]","og_url":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/","og_site_name":"cPanel","article_publisher":"https:\/\/www.facebook.com\/cpanel\/","article_published_time":"2023-10-11T16:30:05+00:00","author":"cPanel Community","twitter_card":"summary_large_image","twitter_creator":"@cPanel","twitter_site":"@cPanel","twitter_misc":{"Written by":"cPanel Community","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/","url":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/","name":"cPanel Vulnerability Report: No Actions Required by Default | cPanel","isPartOf":{"@id":"https:\/\/devel.www.cpanel.net\/#website"},"datePublished":"2023-10-11T16:30:05+00:00","dateModified":"2023-10-11T16:30:05+00:00","author":{"@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8"},"breadcrumb":{"@id":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/devel.www.cpanel.net\/blog\/products\/cpanel-vulnerability-report-no-actions-required-by-default\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/devel.www.cpanel.net\/"},{"@type":"ListItem","position":2,"name":"cPanel Vulnerability Report: No Actions Required by Default"}]},{"@type":"WebSite","@id":"https:\/\/devel.www.cpanel.net\/#website","url":"https:\/\/devel.www.cpanel.net\/","name":"cPanel","description":"Hosting Platform of Choices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/devel.www.cpanel.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8","name":"cPanel Community","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g","caption":"cPanel Community"},"description":"The web hosting industry's most reliable management solution since 1997. With our first-class support and rich feature set, it's easy to see why our customers and partners make cPanel &amp; WHM their hosting platform of choice. For more information, visit cPanel.net.","sameAs":["https:\/\/cpanel.net"],"url":"https:\/\/devel.www.cpanel.net\/blog\/author\/cpadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts\/63825"}],"collection":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/users\/77"}],"replies":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/comments?post=63825"}],"version-history":[{"count":0,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts\/63825\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/media\/65965"}],"wp:attachment":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/media?parent=63825"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/categories?post=63825"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/tags?post=63825"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}