This vulnerability is a variation of the long known CVE-2012-1823 vulnerability related to the CGI mode of PHP only in older Plesks. All currently supported versions of Parallels Plesk Panel 9.5, 10.x and 11.x, as well Parallels Plesk Automation, are not vulnerable. If a customer is using legacy, and a no longer supported version of Parallels Plesk Panel, they should upgrade to the latest version. For the legacy versions of Parallels Plesk Panel, we provided a suggested and unsupported workaround described in http://kb.parallels.com/en/113818.
Slashdot Mirror
This vulnerability is a variation of the long known CVE-2012-1823 vulnerability related to the CGI mode of PHP only in older Plesks. All currently supported versions of Parallels Plesk Panel 9.5, 10.x and 11.x, as well Parallels Plesk Automation, are not vulnerable. If a customer is using legacy, and a no longer supported version of Parallels Plesk Panel, they should upgrade to the latest version. For the legacy versions of Parallels Plesk Panel, we provided a suggested and unsupported workaround described in http://kb.parallels.com/en/113818.