cPanel prior to 68.0.27 allows malicious users to read root's crontab file during a short time interval upon the enabling of backups (SEC-342).
cpanel cpanel