Problem Note 68662: A broken access-control vulnerability occurs with SAS® Anti-Money Laundering REST service endpoints
Severity: Medium
Description: A broken access-control vulnerability can occur in the SAS Anti-Money Laundering REST endpoints.
Potential Impact: Unauthorized users can view entity detail information.
Click the Hot Fix tab in this note to access the hot fix for this issue.
This security vulnerability is fixed in Hot Fix 14 (A5T018).
Operating System and Release Information
SAS System | SAS Anti-Money Laundering | Microsoft® Windows® for x64 | 7.1 | 8.1 | 9.4 TS1M6 | Viya |
64-bit Enabled AIX | 7.1 | 8.1 | 9.4 TS1M6 | Viya |
64-bit Enabled Solaris | 7.1 | 8.1 | 9.4 TS1M6 | Viya |
Linux for x64 | 7.1 | 8.1 | 9.4 TS1M6 | Viya |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | medium |
Date Modified: | 2021-12-23 14:01:11 |
Date Created: | 2021-12-03 10:17:56 |