We have just received word that all Plesk versions since version 12.x to 17.x a Security vulnerability which allow the end user to read files of the psaadm user. This allows you to gain access to the admin user and to use e.g. commands as root user execute.
On 15.4. Gap be published by the manufacturer Plesk.
Until then, all Plesk Server be updated to the latest version. There have also been updated for the old End-of-Life versions 12.x Updates provided.
How do I update my system?
via SSH e.g. simply as root execute the following command:
For Plesk 17.x:
plesk installer update
For Plesk 12.5:
plesk installer --select-release-current --reinstall-patch --upgrade-installed-components
For Plesk 12.0:
/usr/local/psa/admin/sbin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --install-component panel
or in Plesk even via the update function. The best way to do this is to log in as admin and check for updates. In this context, it also makes sense to update the operating system and to use the auto-update Function to activate.
