Applicable to:
- Plesk for Linux
- Plesk for Windows
Situation
Three vulnerabilities were discovered in phpMyAdmin:
Affected versions
-
CVE-2018-19968.
phpMyAdmin versions from at least 4.0 through 4.8.3 are affected.
phpMyAdmin on Plesk for Windows is not affected by this vulnerability. -
CVE-2018-19969.
phpMyAdmin versions 4.7.0 through 4.7.6 and 4.8.0 through 4.8.3 are affected.
-
CVE-2018-19970.
phpMyAdmin versions from at least 4.0 through 4.8.3 are affected.
All phpMyAdmin versions which are shipped with Plesk are less than 4.8.4 so they all are affected:
- Plesk Onyx 17.8.11 - 4.8.3.
- Plesk Onyx 17.5.3 - 4.6.6.
- Plesk Onyx 17.0.17 - 4.6.6.
- Plesk 12.5.30 - 4.6.6.
- Plesk 12.0.18 - 4.5.1.
Mitigation
phpMyAdmin shipped with Plesk was updated to the version 4.8.4 in the following updates:
- 17 December 2018 - Plesk Onyx 17.8.11 Update 35.
- 17 December 2018 - Plesk Onyx 17.5.3 Update 64.
- 26 December 2018 - Plesk Onyx 17.0.17 Update 62.
- 19 December 2018 - Plesk 12.5.30 Update 79.
- 26 December 2018 - Plesk 12.0.18 Update 104 for Linux and for Windows.
Warning: this phpMyAdmin version cannot execute stored procedures.
To install the latest Plesk updates, use the instructions from the article How to install Plesk updates
Comments
1 comment
Nice, thank you team/// Great output////
Greetings,
Jadira Norton (Signature::: nnortoja itoja pen software mindmap investopedia mindmeister)
***Body and Mind is a need to bring balanced righteousness**
Please sign in to leave a comment.