Problem Note 68583: The SAS® Web Server is affected by multiple vulnerabilities
Severity: Critical
Description: The versions of Apache HTTP (2.4.48) and OpenSSL (1.0.2u) that are provided by the SAS Web Server have multiple vulnerabilities.
Potential Impact: The impact might vary by the vulnerabilities. For details, see Apache HTTP Server 2.4 vulnerabilities and OpenSSL Vulnerabilities.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Note: The hot fix upgrades the Apache HTTP version to 2.4.51 and the OpenSSL version to 1.0.2zb.
Operating System and Release Information
SAS System | SAS Web Server | Microsoft® Windows® for x64 | 9.46 | 9.47 | 9.4 TS1M7 | 9.4 TS1M8 |
64-bit Enabled AIX | 9.46 | 9.47 | 9.4 TS1M7 | 9.4 TS1M8 |
64-bit Enabled Solaris | 9.46 | 9.47 | 9.4 TS1M7 | 9.4 TS1M8 |
HP-UX IPF | 9.46 | 9.47 | 9.4 TS1M7 | 9.4 TS1M8 |
Linux for x64 | 9.46 | 9.47 | 9.4 TS1M7 | 9.4 TS1M8 |
Solaris for x64 | 9.46 | 9.47 | 9.4 TS1M7 | 9.4 TS1M8 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | alert |
Date Modified: | 2021-11-17 09:37:11 |
Date Created: | 2021-11-08 00:55:46 |