Exim CVE-2019-10149 - Urgent Security Notice For Anyone Using cPanel & WHM Version 78 or lower

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,910
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello Everyone,

You can find our blog post and Knowledge Base article on this topic at the links below:

Exim CVE-2019-10149, how to protect yourself | cPanel Blog
CVE-2019-10149 Exim - cPanel Knowledge Base - cPanel Documentation

Here's an overview of how CVE-2019-10149 applies to specific cPanel & WHM versions:

1. cPanel & WHM version 80 uses Exim version 4.92 and is unaffected by this vulnerability.

2. An update to cPanel & WHM version 78 was published to the STABLE and 78 LTS release tiers on June 5th, 2019 with the following fix included in the change log:

Fixed case CPANEL-27723: Update exim to 4.92-1.cp1178. Fixes CVE-2019-10149.

If you are using cPanel & WHM version 78 and Daily Updates is set to Never or Manual Updates Only in WHM >> Update Preferences, then you should initiate the update to version 78.0.27 immediately to ensure the patch for this vulnerability is applied. For information on how to update cPanel & WHM, see the document below:

Upgrade to Latest Version - Version 78 Documentation - cPanel Documentation

3. If you're using cPanel & WHM version 76 or lower, please see the information published to the cPanel Blog on the link below:

Exim CVE-2019-10149, how to protect yourself | cPanel Blog

Let us know if you have any questions or need assistance with the update.

Thank you.
 
Last edited: