Vulnerabilities > CVE-2018-20886 - Insecure Storage of Sensitive Information vulnerability in Cpanel

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

NVD

Published: 2019-08-01

Updated: 2020-08-24

Summary

cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418).

Part	Description	Count
Application	Cpanel Cpanel Cpanel 69.9999.122 Cpanel Cpanel 69.9999.125 Cpanel Cpanel 69.9999.132 Cpanel Cpanel 69.9999.134 Cpanel Cpanel 69.9999.138 Cpanel Cpanel 69.9999.139 Cpanel Cpanel 69.9999.140 Cpanel Cpanel 69.9999.141 Cpanel Cpanel 69.9999.145 Cpanel Cpanel 69.9999.149 Cpanel Cpanel 69.9999.150 Cpanel Cpanel 70.0.2 Cpanel Cpanel 70.0.4 Cpanel Cpanel 70.0.5 Cpanel Cpanel 70.0.6 Cpanel Cpanel 70.0.8 Cpanel Cpanel 70.0.9 Cpanel Cpanel 70.0.10 Cpanel Cpanel 70.0.12 Cpanel Cpanel 70.0.13 Cpanel Cpanel 70.0.16 Cpanel Cpanel 70.0.17 Cpanel Cpanel 70.0.18 Cpanel Cpanel 70.0.23 Cpanel Cpanel 70.0.24 Cpanel Cpanel 70.0.26 Cpanel Cpanel 70.0.27 Cpanel Cpanel 70.0.29 Cpanel Cpanel 70.0.30 Cpanel Cpanel 70.0.31 Cpanel Cpanel 70.0.32 Cpanel Cpanel 70.0.34 Cpanel Cpanel 70.0.38 Cpanel Cpanel 70.0.39 Cpanel Cpanel 70.0.41 Cpanel Cpanel 70.0.42 Cpanel Cpanel 70.0.43 Cpanel Cpanel 70.0.44 Cpanel Cpanel 70.0.46 Cpanel Cpanel 70.0.47 Cpanel Cpanel 70.0.48 Cpanel Cpanel 70.0.51 Cpanel Cpanel 70.0.52 Cpanel Cpanel 71.9980.30 Cpanel Cpanel 71.9980.34 Cpanel Cpanel 71.9980.37 Cpanel Cpanel 71.9980.45 Cpanel Cpanel 72.0.3 Cpanel Cpanel 72.0.4 Cpanel Cpanel 72.0.5 Cpanel Cpanel 72.0.7 Cpanel Cpanel 72.0.9 Cpanel Cpanel 73.9980.0	53