COMMUNITIES

Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise

Administration and Deployment

Installing and maintaining your SAS environment
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
ghassanzghaib
Obsidian | Level 7 ghassanzghaib
Obsidian | Level 7
Go to Solution

CVE-2024-56337 and CVE-2024-50379

Posted 01-14-2025 02:44 PM (2325 views)

Hi,

 

Anyone aware if the Tomcats running the SAS 9.4 M8 software are exposed to the following vulnerabilities CVE-2024-56337 and CVE-2024-50379?

 

I checked the SAS securities bulletin and found no mention of the above vulnerabilities.

 

Thanks.

0 Likes
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
MargaretC
SAS Employee MargaretC
SAS Employee

Re: CVE-2024-56337 and CVE-2024-50379

Posted 01-14-2025 02:54 PM (2317 views)  |   In reply to ghassanzghaib

I see that the CVE-2024-50379 will be fixed with the Q1 2025 security fix. 

View solution in original post

Reply
5 REPLIES 5
MargaretC
SAS Employee MargaretC
SAS Employee

Re: CVE-2024-56337 and CVE-2024-50379

Posted 01-14-2025 02:54 PM (2318 views)  |   In reply to ghassanzghaib

I see that the CVE-2024-50379 will be fixed with the Q1 2025 security fix. 

Reply
ghassanzghaib
Obsidian | Level 7 ghassanzghaib
Obsidian | Level 7

Re: CVE-2024-56337 and CVE-2024-50379

Posted 01-14-2025 03:15 PM (2309 views)  |   In reply to MargaretC

Thank you Margaret for your prompt reply.

0 Likes
Reply
kl2412
Calcite | Level 5 kl2412
Calcite | Level 5

Re: CVE-2024-56337 and CVE-2024-50379

Posted 01-27-2025 10:38 AM (1911 views)  |   In reply to MargaretC

Hello.  There is a page where we can view when the  Q1 2025 Security fix will be available or know when it will be out?

0 Likes
Reply
srini007svb
Fluorite | Level 6 srini007svb
Fluorite | Level 6

Re: CVE-2024-56337 and CVE-2024-50379

Posted 02-15-2025 02:02 AM (1486 views)  |   In reply to MargaretC

Any ETA on the Q1 20205 Hotfix Release.

Thanks in advance.

0 Likes
Reply
gothaggis
Fluorite | Level 6 gothaggis
Fluorite | Level 6

Re: CVE-2024-56337 and CVE-2024-50379

Posted 2 weeks ago (227 views)  |   In reply to MargaretC

Is there any update on a fix for CVE-2024-50379?  I also see vulns (regarding SAS version of Tomcat) for CVE-2024-54677 and CVE-2024-52316

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 5 replies
  • ‎01-14-2025 02:44 PM
  • 2326 views
  • 1 like
  • 5 in conversation
Top