Problem Note 68067: Platform Web Services for SAS® contains a PostgreSQL library with known vulnerabilities (CVE-2020-13692)
Severity: High
Description: Platform Web Services for SAS contains a PostgreSQL JDBC driver library that is vulnerable to the issue that is described by CVE-2020-13692.
Potential Impact: The library is vulnerable to XML External Entity (XXE) attacks. See the CVE record for further details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
SAS System | Platform Web Services for SAS | Microsoft® Windows® for x64 | 9.4 TS1M7 | |
64-bit Enabled AIX | 9.4 TS1M7 | |
64-bit Enabled Solaris | 9.4 TS1M7 | |
HP-UX IPF | 9.4 TS1M7 | |
Linux for x64 | 9.4 TS1M7 | |
Solaris for x64 | 9.4 TS1M7 | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | high |
Date Modified: | 2021-06-24 14:18:02 |
Date Created: | 2021-06-22 10:17:57 |