CVE-2021-38589: 
cPanel 취약성 분석 및 완화

In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files, identified as CVE-2021-38589 (SEC-588). This vulnerability was disclosed on August 11, 2021, affecting cPanel installations prior to version 96.0.13 (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 8.1 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. The CVSS v2.0 Base Score is 5.5 (MEDIUM) with vector (AV:N/AC:L/Au:S/C:N/I:P/A:P) (NVD).

The vulnerability allows an attacker with low privileges to perform unauthorized file overwriting operations, potentially leading to high impact on system integrity and availability (NVD).

The recommended mitigation is to upgrade cPanel to version 96.0.13 or later, which contains the fix for this vulnerability (NVD).