Problem Note 69957: SAS® Web Server includes a version of Apache HTTPD server with known vulnerabilities
 |  |  |  |  |
Severity: Critical
Description: SAS Web Server contains Apache HTTPD 2.4.54, which has known vulnerabilities.
Potential Impact: The impact varies. Refer to the CVE records that are listed above for additional details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Web Server | Microsoft® Windows® for x64 | 9.45 | 9.4 TS1M6 | ||
| 64-bit Enabled AIX | 9.45 | 9.4 TS1M6 | ||||
| 64-bit Enabled Solaris | 9.45 | 9.4 TS1M6 | ||||
| HP-UX IPF | 9.45 | 9.4 TS1M6 | ||||
| Linux for x64 | 9.45 | 9.4 TS1M6 | ||||
| Solaris for x64 | 9.45 | 9.4 TS1M6 | ||||
A fix for this issue for SAS Web Server 9.47 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M1V.html#69957A fix for this issue for SAS Web Server 9.46 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/J8M.html#69957A fix for this issue for SAS Web Server 9.45 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/E8D.html#69957
SAS® Web Server includes a version of Apache HTTPD server with known vulnerabilities
| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2023-05-10 11:09:35 |
| Date Created: | 2023-03-20 09:25:07 |