Problem Note 69401: SAS® Web Server contains a version of OpenSSL with a known vulnerability that is described in CVE-2022-2068
 |  |  |  |  |
Severity: Critical
Description: SAS Web Server contains a version of OpenSSL that is affected by the vulnerability described by CVE-2022-2068.
Potential Impact: Refer to CVE record listed in the previous section for details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Web Server | Microsoft® Windows® for x64 | 9.45 | 9.4 TS1M6 | ||
| 64-bit Enabled AIX | 9.45 | 9.4 TS1M6 | ||||
| 64-bit Enabled Solaris | 9.45 | 9.4 TS1M6 | ||||
| HP-UX IPF | 9.45 | 9.4 TS1M6 | ||||
| Linux for x64 | 9.45 | 9.4 TS1M6 | ||||
| Solaris for x64 | 9.45 | 9.4 TS1M6 | ||||
A fix for this issue for SAS Web Server 9.45 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/E8D.html#69401| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2022-09-19 14:31:28 |
| Date Created: | 2022-07-19 13:15:59 |