BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
shoin
Lapis Lazuli | Level 10

Hello, there's a SAS note on Apache Shiro CVE-2022-40664 vulnerability for SAS Viya https://support.sas.com/kb/66/541.html addressing 
CVE-2020-11989 Detail at https://nvd.nist.gov/vuln/detail/CVE-2020-11989.

 

however, none for the Apache Shiro vulnerability CVE-2022-40664 for either Viya 3.5 or 4.0 and specifically for AS 9.4, is a note planned?

 

-S

1 ACCEPTED SOLUTION

Accepted Solutions
ChrisHemedinger
Community Manager

Hi @shoin - I recommend that you open a track with SAS Technical Support. This is the preferred method to exchange information about CVE questions until a bulletin is posted (and a bulletin would be posted only if deemed necessary).

It's time to register for SAS Innovate! Join your SAS user peers in Las Vegas on April 16-19 2024.

View solution in original post

1 REPLY 1
ChrisHemedinger
Community Manager

Hi @shoin - I recommend that you open a track with SAS Technical Support. This is the preferred method to exchange information about CVE questions until a bulletin is posted (and a bulletin would be posted only if deemed necessary).

It's time to register for SAS Innovate! Join your SAS user peers in Las Vegas on April 16-19 2024.

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 1 reply
  • 581 views
  • 0 likes
  • 2 in conversation