Vulnerability In cPanel Two-factor Authentication Could Allow Brute-force Attacks


cPanel, a widely used web hosting control panel, had a serious security bug in its two-factor authentication (2FA) feature: because the number of 2FA code submissions was not limited, an attacker who already held valid credentials could brute-force the code.

cPanel Two-factor Authentication Vulnerable


Digital Defense Inc. has disclosed a serious security vulnerability in cPanel's two-factor authentication.

Sharing the details via a press release, the cybersecurity firm revealed that the two-factor authentication feature in cPanel lacked an attempt limit. Hence, an adversary who already knew a valid username and password could simply guess the 2FA code by brute force, since nothing stopped repeated submissions. In turn, the attacker could take full control of the account and the websites it manages.

As the press release puts it:

cPanel & WHM version 11.90.0.5 (90.0 Build 5) exhibits a two-factor authentication bypass flaw, vulnerable to brute force attack, resulting in a scenario where an attacker with knowledge of or access to valid credentials could bypass two-factor authentication protections on an account.

Describing the vulnerability (SEC-575) in an advisory, cPanel stated:

The two-factor authentication cPanel Security Policy did not prevent an attacker from repeatedly submitting two-factor authentication codes. This allowed an attacker to bypass the two-factor authentication check using brute force techniques.
According to Digital Defense, performing this attack would only take minutes.
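To make the "minutes" claim concrete, the following is an added example (not cPanel's code and not Digital Defense's proof of concept): a minimal model of a 6-digit TOTP check with and without an attempt limit. The secret is the RFC 4226/6238 test key; the lockout policy (5 failures, 15-minute lock) and the request rate are assumptions chosen for the demonstration. With no limit, the code space of one million values is walked in order until the current code is hit; with a limit, the account locks after a handful of failures and the attack stalls.

```python
"""Added example, not cPanel's code: a minimal model of a TOTP check with
and without an attempt limit, showing why a missing limit lets a 6-digit
code be enumerated. The secret is the RFC 4226/6238 test key; the lockout
policy and request rate are assumptions chosen for the demonstration."""
import hashlib
import hmac
import struct
from functools import lru_cache


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


@lru_cache(maxsize=64)
def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the time step.
    Cached per call signature so the brute-force simulation below runs quickly."""
    return hotp(secret, unix_time // step, digits)


class UnlimitedVerifier:
    """Models the vulnerable behaviour: every submitted code is checked, forever."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.attempts = 0

    def is_locked(self, now: int) -> bool:
        return False

    def verify(self, code: str, now: int) -> bool:
        self.attempts += 1
        return hmac.compare_digest(code, totp(self.secret, now))


class LimitedVerifier:
    """Hardened behaviour (assumed policy): after max_failures consecutive wrong
    codes the account is locked for lockout_seconds, and while locked every
    submission is rejected without even evaluating the code."""

    def __init__(self, secret: bytes, max_failures: int = 5, lockout_seconds: int = 900):
        self.secret = secret
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self.failures = 0
        self.locked_until = 0
        self.attempts = 0

    def is_locked(self, now: int) -> bool:
        return now < self.locked_until

    def verify(self, code: str, now: int) -> bool:
        self.attempts += 1
        if self.is_locked(now):
            return False
        if hmac.compare_digest(code, totp(self.secret, now)):
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= self.max_failures:
            self.locked_until = now + self.lockout_seconds
            self.failures = 0
        return False


def brute_force(verifier, now: int, digits: int = 6):
    """Submit 000000, 000001, ... until a code is accepted or the account locks.
    Returns the number of submissions that were needed, or None if the attack was
    stopped. The clock is frozen for determinism; against a real target the
    attacker simply keeps submitting as the code rotates every 30 seconds."""
    for n in range(10 ** digits):
        if verifier.verify(str(n).zfill(digits), now):
            return n + 1
        if verifier.is_locked(now):
            return None
    return None


def worst_case_seconds(requests_per_second: float, digits: int = 6) -> float:
    """Wall-clock time to enumerate the whole code space at a given request rate."""
    return (10 ** digits) / requests_per_second


SECRET = b"12345678901234567890"  # RFC 4226 / RFC 6238 test key (constructed input)
NOW = 59                           # RFC 6238 test time; the expected code is 287082

if __name__ == "__main__":
    print("no limit:   accepted after", brute_force(UnlimitedVerifier(SECRET), NOW), "submissions")
    print("with limit: result", brute_force(LimitedVerifier(SECRET), NOW))
    print("worst case at 1000 req/s: %.0f s" % worst_case_seconds(1000))
```

The point of the `LimitedVerifier` is that once locked it rejects even the correct code until the lockout expires, so a guess that happens to be right during the lock buys the attacker nothing; the limit has to apply to the 2FA step itself, not only to the password prompt that precedes it.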

cPanel's advisory assigned the vulnerability a CVSS score of 4.3, which corresponds to medium severity. However, given cPanel's huge user base, the flaw potentially exposed over 70 million domains.

Patches Rolled Out


Upon discovering the vulnerability, the researchers reported it to the vendor.

cPanel subsequently addressed the flaw and released fixes in builds 11.92.0.2, 11.90.0.17, and 11.86.0.32.

The researchers then disclosed the bug publicly after the patches arrived.

Despite this vulnerability, enabling 2FA remains important for protecting cPanel accounts. Users should therefore check their installed cPanel version and make sure they are running a fixed build. This is particularly important for those who have enabled two-factor authentication for cPanel login.
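As an added example (not cPanel's own tooling), the following compares an installed version string against the fixed builds named above. The version file path is an assumption about a typical installation, and branches the advisory does not name (such as 88) are deliberately reported as unknown rather than guessed.

```python
"""Added example, not cPanel's own tooling: decide whether an installed
cPanel & WHM build carries the SEC-575 fix, using the fixed builds the
advisory names (11.92.0.2, 11.90.0.17, 11.86.0.32). The version file path
is an assumption about a typical installation."""
from pathlib import Path
from typing import Optional, Tuple

# First fixed build per release branch, keyed by the branch number (the
# second component of the version string).
FIXED_BUILDS = {
    86: (11, 86, 0, 32),
    90: (11, 90, 0, 17),
    92: (11, 92, 0, 2),
}

VERSION_FILE = "/usr/local/cpanel/version"  # assumed location of the version string


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse '11.90.0.5' into (11, 90, 0, 5); rejects anything that is not four integers."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) != 4:
        raise ValueError("expected a four-part cPanel version, got %r" % text)
    return parts


def is_patched(version: str) -> Optional[bool]:
    """True if the build is at or above its branch's fixed build, False if below.
    Branches the advisory does not list (e.g. 88) return None so the caller
    consults the advisory instead of trusting a guess. Branches newer than 92
    were cut after the fix and are treated as patched (an assumption)."""
    v = parse_version(version)
    branch = v[1]
    if branch in FIXED_BUILDS:
        return v >= FIXED_BUILDS[branch]
    if branch > max(FIXED_BUILDS):
        return True
    return None


def check_installed(path: str = VERSION_FILE) -> Optional[bool]:
    """Read the installed version string from disk and classify it."""
    return is_patched(Path(path).read_text())


if __name__ == "__main__":
    try:
        print("patched:", check_installed())
    except OSError as exc:
        print("could not read version file:", exc)
```

Run it on the server as a user that can read the version file; a `False` means the host is still on a vulnerable build of a fixed branch, and `None` means the branch is outside what the advisory covers and needs a manual check.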


Posted from my blog with SteemPress : https://latesthackingnews.com/2020/11/27/vulnerability-in-cpanel-two-factor-authentication-could-allow-brute-force-attacks/
