Problem Note 69306: SAS® Platform Web Services 10.1.0.1 contains a PostgreSQL component that is affected by CVE-2022-21724
 |  |  |  |  |
Severity: Critical
Description: SAS Platform Web Services contains a PostgreSQL component that is affected by the following known vulnerability: CVE-2022-21724
Potential impact: The vulnerability might allow remote code execution. Refer to the CVE record listed in the previous section for details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | SAS Release | |
| Reported | Fixed* | |||
| SAS System | Platform Web Services for SAS | Solaris for x64 | 9.4 TS1M7 | |
| Linux for x64 | 9.4 TS1M7 | |||
| HP-UX IPF | 9.4 TS1M7 | |||
| 64-bit Enabled Solaris | 9.4 TS1M7 | |||
| 64-bit Enabled AIX | 9.4 TS1M7 | |||
| Microsoft® Windows® for x64 | 9.4 TS1M7 | |||
A fix for this issue for Platform Web Services for SAS 1.7 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/K4X.html#69306| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2022-07-01 09:34:33 |
| Date Created: | 2022-06-15 15:54:54 |