cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
shoin
Lapis Lazuli | Level 10 shoin
Lapis Lazuli | Level 10
Go to Solution

Apache Shiro CVE-2022-40664 Vulnerability

Posted 11-10-2022 12:40 PM (2169 views)

Hello, there's a SAS note on Apache Shiro CVE-2022-40664 vulnerability for SAS Viya https://support.sas.com/kb/66/541.html addressing 
CVE-2020-11989 Detail at https://nvd.nist.gov/vuln/detail/CVE-2020-11989.

 

however, none for the Apache Shiro vulnerability CVE-2022-40664 for either Viya 3.5 or 4.0 and specifically for AS 9.4, is a note planned?

 

-S

0 Likes
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
ChrisHemedinger
Community Manager ChrisHemedinger
Community Manager

Re: Apache Shiro CVE-2022-40664 Vulnerability

Posted 11-11-2022 08:43 AM (2095 views)  |   In reply to shoin

Hi @shoin - I recommend that you open a track with SAS Technical Support. This is the preferred method to exchange information about CVE questions until a bulletin is posted (and a bulletin would be posted only if deemed necessary).

Become an Explorer! Join SAS Analytics Explorers to learn and complete challenges that earn rewards!

View solution in original post

0 Likes
Reply
1 REPLY 1
ChrisHemedinger
Community Manager ChrisHemedinger
Community Manager

Re: Apache Shiro CVE-2022-40664 Vulnerability

Posted 11-11-2022 08:43 AM (2096 views)  |   In reply to shoin

Hi @shoin - I recommend that you open a track with SAS Technical Support. This is the preferred method to exchange information about CVE questions until a bulletin is posted (and a bulletin would be posted only if deemed necessary).

Become an Explorer! Join SAS Analytics Explorers to learn and complete challenges that earn rewards!
0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

Learn how to explore data assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 1 reply
  • ‎11-10-2022 12:40 PM
  • 2170 views
  • 0 likes
  • 2 in conversation