Legacy Security Levels – WHM

Legacy Security Levels – WHM

Overview

This document explains the security levels of advisories that is post at http://www.cpanel.net/security. These security levels apply to Targeted Security Releases before TSR-2015-0001.

Security Levels

The following table lists the security levels in order of severity:

Level
Description
Critical A critical rating applies to vulnerabilities that allow remote, unauthenticated access and code execution, with no user interaction required. These vulnerabilities allow automated scripts such as worms to completely compromise the system.
Important This rating applies to vulnerabilities that allow third parties to compromise system authentication levels

These vulnerabilities occur when you allow the following:

  • Local users to elevate their privilege levels.
  • Unauthenticated remote users to access resources that should require authentication to view.
  • Remote users to execute arbitrary code, which includes any local or remote attack that could result in an denial of service.
Moderate This rating applies to vulnerabilities that rely on unlikely scenarios in order to compromise the system. These scenarios usually consist of a flawed or unlikely system configuration, and only occur in rare situations.
Minor This rating applies to vulnerabilities that do not fit into the higher categories. These vulnerabilities occur in very unlikely situations and configurations, and they require extremely close timing of execution and events to occur that are out of the attacker’s control. This rating also applies to vulnerabilities that, even if successful, result in few or no consequences on the system.

Was this article helpful?

Related Articles

Leave A Comment?