Hot fix and maintenance news from SAS Technical Support

ALERT Updates available for SAS Web Server 9.4 : Hot fix S46008

by Moderator on ‎07-18-2017 06:54 AM

A new update is available for SAS Web Server , version 9.4 :


Issues addressed in S46008

SAS Note 60381

A cross-site scripting vulnerability exists in SAS® Environment Manager

SAS Note 60408

ALERT: The JCraft and JSch libraries that reside in the SAS® Environment Manager server and agent are vulnerable to directory traversal

SAS Note 60664

SAS® Environment Manager contains commons-beanutils libraries that are vulnerable to CVE-2014-0114

This list of notes might be incomplete. For a complete list of issues addressed by this hot fix, visit the hot fix page for S46008


Note: A comprehensive list of all SAS hot fixes is available from You can use the SAS Hot Fix Analysis, Download, and Deployment (SASHFADD) tool to manage your SAS hot fixes.

About the Author
  • This is a service account for SAS support operations. It's not monitored for content or messages!