Severity: High

Description: A security vulnerability in SAS Plug-ins for Hadoop exists in SAS^® 9.4 and all versions of SAS^® Viya^®.

Potential Impact: An attacker with knowledge about this vulnerability and network access to the Hadoop servers can access restricted data.

Click the Hot Fix tab in this note to access the hot fix for this issue.

Operating System and Release Information

An update for this issue is available for SAS Viya 3.4. For instructions on how to access and apply software updates, see the Updating Your SAS Viya software section in the SAS Viya 3.4 for Linux Deployment Guide at

A fix for this issue for SAS Plug-ins for Hadoop 1.02 is available at:

A fix for this issue for SAS Plug-ins for Hadoop 1.01 is available at: