On December 10th, 2021, CVE-2021-44228
was published. This CVE disclosed a critical vulnerability in a function of Apache servers using a Java element named Log4J. By default Plesk has not included Java libraries since Plesk 17.8
. Unless you have a dedicate server and have installed Java elements yourself, you should not be vulnerable to this exploit. Please feel free to contact our support team
for more information or if you have any uncertainties.
Please note: if you have a dedicated server and have manually installed this element it is your responsibility to ensure that it is updated and maintained.