Problem Note 70554: SAS® Environment Manager contains a version of activemq-client that is known to be affected by CVE-2023-46604
 |  |  |  |  |
Severity: Critical
Description: SAS Environment Manager contains a version of activemq-client that is known to be affected by CVE-2023-46604
Potential Impact: The vulnerability described in CVE-2023-46604 might allow Remote Code Execution. Refer to the CVE record for details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Environment Manager | Microsoft® Windows® for x64 | 2.5_M5 | 9.4 TS1M8 | ||
| 64-bit Enabled AIX | 2.5_M5 | 9.4 TS1M8 | ||||
| 64-bit Enabled Solaris | 2.5_M5 | 9.4 TS1M8 | ||||
| Linux for x64 | 2.5_M5 | 9.4 TS1M8 | ||||
| Solaris for x64 | 2.5_M5 | 9.4 TS1M8 | ||||
A fix for this issue for SAS Environment Manager 2.5_M5 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M2T.html#70554A fix for this issue for SAS Environment Manager 2.5_M4 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/J9V.html#70554A fix for this issue for SAS Environment Manager 2.5_M3 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/E8M.html#70554| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2023-12-14 11:53:09 |
| Date Created: | 2023-12-04 09:43:07 |