Last night, Jamf released Jamf Pro 10.13.1 & 10.15.1. These were released due to PI-007507. 

This PI is noted as a “critical security vulnerability” which “does not pose a risk to private data or managed devices. It does have the potential to impact the integrity and availability of your web server” but “impacts versions of Jamf Pro 9.4 and later”

As Jamf Pro 10.15.0 was only released 19 days ago, 10.15.1 is the 10.15.0 release with PI-007507 having been patched.

However, for organisations that are still on Jamf Pro 10.13.0 or below due to the move to Java 11 needed for Jamf Pro 10.14.0+, Jamf have released 10.13.1, which is also patched.

Please read the following Jamf Nation post for more information, & if you’re not on a recent Jamf Pro release please also see this post before any upgrades are attempted.