CVE-2021-44224: Apache HTTP Server vulnerability

Situation

Vulnerability CVE-2021-44224 affects mod_proxy for Apache HTTP Server.

Impact

Plesk ships mod_proxy only for RedHat 7-based OSes:

• CentOS 7 (64-bit)
• CloudLinux 7 (64-bit)
• Red Hat Enterprise Linux 7 (64-bit)
• Virtuozzo Linux 7 (64-bit)

RedHat 7 is not affected by CVE-2021-44224.

Call to Action

• For the servers with RedHat 7-based OSes - no additional actions are required since they are not affected by CVE-2021-44224.
• To protect customers’ websites on other servers, follow the recommendations from the OS vendor/package maintainer and always keep the system up to date.
  Plesk has an embedded mechanism to update system packages: Plesk Administrator's Guide: System Updates.