CVE-2019-15846 Exim "A local or remote attacker can execute programs with root privileges."

oldie

Registered
Sep 11, 2019
3
0
1
Australia
cPanel Access Level
Website Owner
Does using an external email provider such as zoho or gsuite and set mx to their servers mitigate this exim issue, even if the cPanel server generates and sends emails [such as CFS/php script generated email] ?

delete.png
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,862
2,216
363
cPanel Access Level
DataCenter Provider
Twitter
Does using an external email provider such as zoho or gsuite and set mx to their servers mitigate this exim issue, even if the cPanel server generates and sends emails [such as CFS/php script generated email] ?
Hello @oldie,

The vulnerability is applicable to unpatched cPanel & WHM servers with Exim enabled in WHM >> Service Manager. Using an external email provider does not mitigate the vulnerability unless you've disabled the Exim service.

Thank you.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,862
2,216
363
cPanel Access Level
DataCenter Provider
Twitter