CloudFlare protects and accelerates website using their CDN networks. Once you enable CloudFlare for your website, all your traffic is routed to their global networks.
CloudFlare can be integrated with cPanel and they also provide cPanel plugin. A critical symlink attack vulnerability was detected in CloudFlare cPanel plugin version 5.3.2. This vulnerability may exist in prior version as well.
Due to a carefully timed symlink attack directed at the cloudflare_data.yaml file, it is possible for a malicious user to change the permissions on any root owned file to 600 which could lead to the OS being disabled. Due to CloudFlare cPanel plugin vulnerability, it is possible to render root owned files permission hence this was rated as high.
This vulnerability was patched in CloudFlare cPanel plugin version 5.3.11. If you are using CloudFlare cPanel plugin, you should immediately upgrade it to latest version.