CPanel affected by Log4j Vulnerability

CPanel which is used by Webhosts is potentially affected by this Vulnerability because of CPanel-Solr plugin.Though the plugin listens only to localhost and used for IMAP search, there is a way it can be exploited if the CPanel is used on a Shared Webhosting provide as anyone with local shell access can used this to download ransomware or malware. (But this cant be publicly exploited).Easy Apache4 which is part of CPanel is affected by this vulnerability as it has log4j in the code.

CPanel’s Advisory: https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/

Updating CPanel for this vulnerability

Step 1: You can mitigate this vulnerability by either upgrading to new version of CPanel or updating the affected package by running the below command

yum update cpanel-dovecot-solr

Step 2: To verify the mitigation is place, login into CPanel, then run the below command

rpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455

if the mitigation is in place then you would be able to see something like this

Source: https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/

Scroll to Top