Problem Note 70372: SAS® Logon Manager contains third-party libraries with known vulnerabilities
Severity: High
Description: SAS Logon Manager contains third-party libraries with known vulnerabilities.
Potential Impact: Refer to the CVE record for details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| SAS System | SAS Web Infrastructure Platform | Microsoft® Windows® for x64 | 9.4_M8 | | 9.4 TS1M8 | |
| 64-bit Enabled AIX | 9.4_M8 | | 9.4 TS1M8 | |
| 64-bit Enabled Solaris | 9.4_M8 | | 9.4 TS1M8 | |
| Linux for x64 | 9.4_M8 | | 9.4 TS1M8 | |
| Solaris for x64 | 9.4_M8 | | 9.4 TS1M8 | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
SAS Logon Manager contains third-party libraries with the following known vulnerabilities: CVE-2022-41946, CVE-2023-34462, CVE-2023-20860, and CVE-2023-20861.
| Type: | Problem Note |
| Priority: | medium |
| Date Modified: | 2023-10-03 12:40:35 |
| Date Created: | 2023-09-12 15:16:32 |
