Posted on 09-28-2019 01:05 PM
Does the vulnerability fixed in 10.15.1 affect previous versions of Jamf Pro? If so how far back?
Posted on 09-28-2019 01:14 PM
Yes this is obviously big for all non Jamf Cloud customers, please advise
Given the nature of how quickly Jamf Cloud has been upgraded we need to know ASAP
Posted on 09-28-2019 01:38 PM
Ditto. I need to be prepared for the week ahead if I’m suddenly doing the JAMF Pro upgrade on Monday instead of a week or two from now.
Posted on 09-28-2019 01:49 PM
Thank you for your question! I am Jamf’s Chief Information Security Officer and will be answering questions on a central thread here Jamf Pro 10.15.1 FAQ.
Because this is an ongoing security issue, we are not able to share much detail at this time but we will make every effort to provide as much information as possible.
The security of your environment is our top priority which is why we are being intentional about how we communicate about this issue. Please feel free to add your comment to the central thread and I’ll do my best to answer there.
Posted on 09-28-2019 02:07 PM
This PI has a pretty low number compared to newer resolved issues. Also asked a few questions in the main FAQ about CVSS scoring and if this is being exploited to their knowledge.