Any plans for updating cpanel-exim to 4.96 or newer?
We perform regular scans with outpost24 on our own servers and it's been complaining about the exim version used by cpanel since beginning of august (CVE-2022-37452). Are there plans to update the cpanel-exim package?
This vulnerability can be exploited with ease and network access to the system by an attacker who does not have access to credentials with some impact on confidentiality, some impact to the integrity of information and some impact on system or information availability. There are currently no exploits in the public domain. However, attacks may be well described or privately held.
CVSS score 7.5 CVSS V3 6.3 - Medium -
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
-
Hey there! Yes - 4.96 is included with cPanel 108 right from the start. 0 -
Thank you, although it would have been nice if you also mentioned the expected release date for that (even Edge is 106). Afaik 108 will be around dec/jan so at least a 3-4 months wait. 0 -
108 is going to edge today or tomorrow, unless unexpected issues appear. 0
Please sign in to leave a comment.
Comments
3 comments