Vulnerability when Hosting Control Panel end-users are downloading files using the CDP Web Interface.
R1Soft rates this vulnerability Critical.
We have identified a security flaw in Hosting Control Panel end-user file download which may affect CDP Enterprise & Advanced Edition instances in the public environment. The vulnerability allows a control panel end-user to download files outside of their home directory that they do not have privileges to.
You should immediately upgrade to CDP 3.12.3 or later OR disable all configured hosting control panel instances on your CDP Policies. Disabling the configured hosting control panel instances on your CDP Policies will prevent a control panel end-user from exploiting the vulnerability.
Login to the CDP Server web interface and to a hosting control panel instance using the credentials of the control panel end-user. Then use the download to zip or tar archive functionality.
CDP Enterprise/Advanced Editions: 3.12.0, 3.12.1, 3.12.2
This issue has been fixed in CDP 3.12.3. Which you can download from the customer download portal http://download.r1soft.com
Only the CDP Server needs to be upgraded to 3.12.3 No agent update is required for the fix.
See the release notes.