cPanel TSR-2017-0006 Full Disclosure

cPanel TSR-2017-0006 Full Disclosure SEC-236 Summary Add ‘ssl’ to the list of reserved usernames. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N Description When creating SSL certificates, ‘ssl@hostname’ is used as the contact email in the certificate. The ‘ssl’ username was not reserved, allowing resellers …