Problem Note 66228: The SAS® Web Application Server is affected by the vulnerability that is described in CVE-2020-1935
 |  |  |  |  |
Severity: Medium
Description: The SAS Web Application Server is affected by the vulnerability that is described in CVE-2020-1935.
Potential Impact: Under certain conditions, the server can be vulnerable to HTTP Request Smuggling attacks.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Web Application Server | Microsoft® Windows® for x64 | 9.45 | 9.4 TS1M6 | ||
| 64-bit Enabled AIX | 9.45 | 9.4 TS1M6 | ||||
| 64-bit Enabled Solaris | 9.45 | 9.4 TS1M6 | ||||
| HP-UX IPF | 9.45 | 9.4 TS1M6 | ||||
| Linux for x64 | 9.45 | 9.4 TS1M6 | ||||
| Solaris for x64 | 9.45 | 9.4 TS1M6 | ||||
A fix for this issue for SAS Web Application Server 9.45 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/E3V.html#66228| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2020-07-28 10:13:40 |
| Date Created: | 2020-06-30 11:12:08 |