A new update is available for SAS Web Server , version 9.4_M1 :
- Hot Fix: S48009 - Published 13JUL2017 , Download link for S48009
- Component name: SAS Web Server
- Related SAS release: 9.4
Issues addressed in S48009
| SAS Note 60381 | A cross-site scripting vulnerability exists in SAS® Environment Manager |
| SAS Note 60408 | ALERT: The JCraft and JSch libraries that reside in the SAS® Environment Manager server and agent are vulnerable to directory traversal |
| SAS Note 60664 | SAS® Environment Manager contains commons-beanutils libraries that are vulnerable to CVE-2014-0114 |
| This list of notes might be incomplete. For a complete list of issues addressed by this hot fix, visit the hot fix page for S48009 |
Note: A comprehensive list of all SAS hot fixes is available from support.sas.com. You can use the SAS Hot Fix Analysis, Download, and Deployment (SASHFADD) tool to manage your SAS hot fixes.
