Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise
  1. Security Bulletins
  2. Apache Struts 2 Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)

SAS Statement Regarding Apache Struts 2  Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)

Reference Name: Apache Struts 2 Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)
Severity: Informational
Status: No action by customers is required

History

10-5-2020 – Assessment completed

Impact

Customer deployments of SAS® are not vulnerable to CVE-2019-0230 and CVE-2019-0233.

Description

Apache Struts 2 is affected by the vulnerabilities described in CVE-2019-0230 and CVE-2019-0233.

Solution

The custom version of Apache Struts that is managed and delivered by SAS is not vulnerable to this exploitation because it does not include the particular features that expose these vulnerabilities.

Security Bulletins

View other security bulletins, published as part of our formal PSIRT process.

Technical Support

Get world-class technical support via our support track system.

Samples & SAS Notes

Search our extensive Knowledge Base for code samples and SAS Notes.