A critical security vulnerability in Parallels Plesk for Windows was recently identified that may allow authorized users to gainaccess to other customers’ data on the same Plesk server. This security vulnerability is limited to Plesk on Windows servers only.
Impact
An authorized Plesk user is able to access other customers’ data on the same Windows server.
Solution
To close the vulnerability, install the latest available Plesk update for your version.
Call to Action
Install the Plesk security update following the instructions provided in the Parallels Knowledgebase articles below:
• Parallels Plesk for Windows 12.0 MU#27
• Parallels Plesk for Windows 11.5 MU#49
• Parallels Plesk for Windows 11.0 MU#64
• Parallels Plesk for Windows 10.4.4 MU#60
If you are running an earlier version of Plesk for Windows, we strongly recommend that you upgrade these instances following the instructions provided in the Parallels Plesk upgrade guide article.
For customers have subscribed to our managed services and you are running a copy of the PLESK windows, your Plesk software have been updated since this morning.Should you have any enquiry with regards to this topic, please write to support@vastspace.net.
