cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
shoin
Lapis Lazuli | Level 10 shoin
Lapis Lazuli | Level 10
Go to Solution

Apache Shiro CVE-2022-40664 Vulnerability

Posted 11-10-2022 12:40 PM (802 views)

Hello, there's a SAS note on Apache Shiro CVE-2022-40664 vulnerability for SAS Viya https://support.sas.com/kb/66/541.html addressing 
CVE-2020-11989 Detail at https://nvd.nist.gov/vuln/detail/CVE-2020-11989.

 

however, none for the Apache Shiro vulnerability CVE-2022-40664 for either Viya 3.5 or 4.0 and specifically for AS 9.4, is a note planned?

 

-S

0 Likes
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
ChrisHemedinger
Community Manager ChrisHemedinger
Community Manager

Re: Apache Shiro CVE-2022-40664 Vulnerability

Posted 11-11-2022 08:43 AM (728 views)  |   In reply to shoin

Hi @shoin - I recommend that you open a track with SAS Technical Support. This is the preferred method to exchange information about CVE questions until a bulletin is posted (and a bulletin would be posted only if deemed necessary).

Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.

View solution in original post

0 Likes
Reply
1 REPLY 1
ChrisHemedinger
Community Manager ChrisHemedinger
Community Manager

Re: Apache Shiro CVE-2022-40664 Vulnerability

Posted 11-11-2022 08:43 AM (729 views)  |   In reply to shoin

Hi @shoin - I recommend that you open a track with SAS Technical Support. This is the preferred method to exchange information about CVE questions until a bulletin is posted (and a bulletin would be posted only if deemed necessary).

Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.
0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 1 reply
  • ‎11-10-2022 12:40 PM
  • 803 views
  • 0 likes
  • 2 in conversation