Problem Note 70313: The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL
 |  |  |  |  |
Severity: High
Description: The SAS Foundation products are affected by multiple vulnerabilities in OpenSSL.
Potential Impact: Refer to the CVE records.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | Base SAS | 64-bit Enabled AIX | 9.4_M7 | 9.4 TS1M7 | ||
| 64-bit Enabled Solaris | 9.4_M7 | 9.4 TS1M7 | ||||
| HP-UX IPF | 9.4_M7 | 9.4 TS1M7 | ||||
| Linux for x64 | 9.4_M7 | 9.4 TS1M7 | ||||
| Solaris for x64 | 9.4_M7 | 9.4 TS1M7 | ||||
A fix for this issue for Base SAS 9.4_M7 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/I9R.html#70313A fix for this issue for SAS/Secure SSL 9.41_M4 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/K1M.html#70313
The SAS® Foundation products are affected by the following vulnerabilities in OpenSSL: CVE-2023-2650, CVE-2023-3817, and CVE-2023-3446
| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2023-09-27 11:10:06 |
| Date Created: | 2023-08-11 10:46:19 |