Problem Note 70568: The SAS® 9.4 JMS Broker includes a version of ActiveMQ that is known to be affected by CVE-2023-46604
Severity: Critical
Description: The SAS 9.4 JMS Broker includes a version of ActiveMQ that is known to be affected by CVE-2023-46604.
Potential Impact: The vulnerability might allow an attacker to perform Remote Code Execution. Refer to the CVE record for details.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Note: The hot fix for this issue is provided through a SAS® Web Application Server hot fix.
Operating System and Release Information
SAS System | SAS JMS Broker | Linux for x64 | 9.4 | | 9.4 TS1M8 | |
64-bit Enabled AIX | 9.4 | | 9.4 TS1M8 | |
Microsoft® Windows® for x64 | 9.4 | | 9.4 TS1M8 | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | high |
Date Modified: | 2024-01-04 11:08:25 |
Date Created: | 2023-12-12 11:58:41 |