Problem Note 69366: Broken access control vulnerability in SAS® Business Data Network 3.3
Severity: Medium
Description: There is a broken access control vulnerability in SAS Business Data Network 3.3.
Potential Impact: Low-privileged users are able to access some functions of SAS Business Data Network that should be allowed only for administrative users.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
SAS System | SAS Business Data Network | Microsoft® Windows® for x64 | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
64-bit Enabled AIX | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
64-bit Enabled Solaris | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
HP-UX IPF | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
Linux for x64 | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
Solaris for x64 | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
There is a broken access control vulnerability in SAS® Business Data Network 3.3, which allows low-privileged users to access some functions of SAS Business Data Network that should be allowed only for administrative users.
Type: | Problem Note |
Priority: | medium |
Date Modified: | 2022-07-05 10:52:30 |
Date Created: | 2022-07-03 20:18:10 |