Thursday 26 November 2020
The impact of this issue announcement is medium. Please act accordingly to rectify the issue, as stated below.
Versions before 126.96.36.199, 188.8.131.52, and 184.108.40.206.
What you need to know:
Popular admin tools and managed web hosting provider cPanel has released security updates to address vulnerabilities that could allow remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection of an account.
Actions to be taken:
The issue is remedied in the following builds: