A recently published vulnerability that has been called DROWN allows an attacker to take advantage of the weak SSL protocol SSLv2 in two ways.
This means that no server should have SSLv2 enabled at this point.
If you are using the latest version of cPanel with the default options, SSLv2 is already disabled, but you may not be safe.
In the following example, even though server 1 and 3 have SSLv2 disabled, all of the servers are vulnerable:
server 1 SSLv2 disabled server1.example.com server 2 SSLv2 enabled server2.example.com server 3 SSLv2 disabled server3.example.com
To protect yourself, you can check for drown using the Qualys SSL Tester.
If your server shows up as vulnerable, check all servers that are using the same hostname or wildcard certificate, as at least one of them is the source of the vulnerability.