Situation
Vulnerability CVE-2021-44224 affects mod_proxy for Apache HTTP Server.
Impact
Plesk ships mod_proxy only for RedHat 7-based OSes:
- CentOS 7 (64-bit)
- CloudLinux 7 (64-bit)
- Red Hat Enterprise Linux 7 (64-bit)
- Virtuozzo Linux 7 (64-bit)
RedHat 7 is not affected by CVE-2021-44224.
Call to Action
- For the servers with RedHat 7-based OSes - no additional actions are required since they are not affected by CVE-2021-44224.
-
To protect customers’ websites on other servers, follow the recommendations from the OS vendor/package maintainer and always keep the system up to date.
Plesk has an embedded mechanism to update system packages: Plesk Administrator's Guide: System Updates.