December 8, 2014, the Parallels security team discovered a flaw deemed critical. Parallels immediately announced the discovery of this vulnerability with a patch publicly.
Is that it allows?
A critical security in Parallels Plesk Panel for Windows vulnerability has been recently identified. This could allow users to allow access to the data of other users of the Plesk server. This vulnerability is limited to Plesk for Windows.
Since when does it exist?
The fault is present on versions of Plesk Panel 10.4.4 11.0, 11.5 and 12.0.
How to fix the?
Apply the MU version of your Plesk:
- Parallels Plesk for Windows 12.0 MU #27
- Parallels Plesk for Windows 11.5 MU #49
- Parallels Plesk for Windows 11.0 MU #64
- Parallels Plesk for Windows 10.4.4 MU #60
We remind you that it is recommended to regularly update your applications and services, in order to ensure their stability and security.
If you have a managed or shared delivery, please be aware that our teams have already been necessary to apply the patch across our infrastructure.