Problem Note 70693: SAS® Web Report Studio contains a version of Apache Struts with known vulnerabilities
 |  |  |  |  |
SAS Web Report Studio contains a version of Apache Struts with known vulnerabilities.
Severity: Critical
Description: SAS Web Report Studio contains a version of Apache Struts with known vulnerabilities. Details about the vulnerabilities are available in the following CVE links:
Potential Impact: The impact varies. See the CVE details in the links listed above.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Web Report Studio | Solaris for x64 | 4.4_M7 | 9.4 TS1M7 | ||
| Linux for x64 | 4.4_M7 | 9.4 TS1M7 | ||||
| HP-UX IPF | 4.4_M7 | 9.4 TS1M7 | ||||
| 64-bit Enabled Solaris | 4.4_M7 | 9.4 TS1M7 | ||||
| 64-bit Enabled AIX | 4.4_M7 | 9.4 TS1M7 | ||||
| Microsoft® Windows® for x64 | 4.4_M7 | 9.4 TS1M7 | ||||
A fix for this issue for SAS Web Report Studio 4.4_M8 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M7N.html#70693A fix for this issue for SAS Web Report Viewer 4.4_M7 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/J1B.html#70693A fix for this issue for SAS Web Report Studio 4.4_M7 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/J1A.html#70693| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2024-03-07 14:06:04 |
| Date Created: | 2024-03-07 10:00:16 |