cPanel has announced a recently discovered vulnerability in the process of converting Horde MySQL to SQLite.

The problem arises when the conversion process requires a MySQL password reset. In this scenario, the password is passed to the script as a command line argument, making it visible to attackers in a ps process listing.

The vulnerability is addressed and solved in the following builds:

64.0.21
62.0.24
60.0.43
58.0.49
56.0.49

Check your cPanel version and make sure you’re up to date.

Facebooktwittergoogle_plusredditpinterestlinkedinmail