63197 - A security vulnerability currently exists in SAS® Cloud Analytic Services

Problem Note 63197: A security vulnerability currently exists in SAS® Cloud Analytic Services

Severity: High

Description: A security vulnerability in SAS Cloud Analytic Services exists in SAS^® Viya^® 3.3.

Potential Impact: An attacker with knowledge about this vulnerability and network access to the SAS Viya servers can access restricted data.

Click the Hot Fix tab in this note to access the hot fix for this issue.

After You Install the Hot Fix

It is important that you now verify that the update is installed. To do so, run the following rpm command:

rpm -q sas-tkcas

To complete this verification process, make sure that the package version shown in the rpm output either matches or is newer than the following:

sas-tkcas-01.11.03-20181102.110907983081.x86_64

Additional Assistance

If you need additional assistance, contact SAS Technical Support.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
			Reported	Fixed*	Reported	Fixed*
SAS System	SAS Viya	Linux for x64	3.3

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

An update for this issue is available for SAS Viya 3.3. For instructions on how to access and apply software updates, see the Managing Your Software section of the SAS Viya 3.3 Administration document at

http://documentation.sas.com/?softwareId=administration&softwareVersion=3.3&softwareContextId=softwareUpdates

Type:	Problem Note
Priority:	alert

Date Modified:	2018-11-09 14:28:38
Date Created:	2018-11-08 14:14:53