Hot Fix Downloads
General Information about Hot Fixes
|S48001 was replaced by S48012
|S48002 was replaced by S48012
|S48003 was replaced by S48012
|S48004 was replaced by S48012
|S48005 was replaced by S48012
|S48006 was replaced by S48012
|S48007 was replaced by S48012
|S48008 was replaced by S48012
|S48009 was replaced by S48012
|S48010 was replaced by S48012
|S48011 was replaced by S48012
|SAS Web Server 9.4_M1
|ALERT - An OpenSSL Heartbleed vulnerability exists in SAS® 9.4 Web Server
|ALERT - OpenSSL vulnerabilities (05 Jun 2014) exist in the SAS® 9.4 Web Server
|ALERT - OpenSSL vulnerabilities (06 Aug 2014 and 15 Oct 2014) exist in the SAS® 9.4 Web Server
|SAS® Environment Manager does not recognize the updated SAS® Web Server
|SAS® Environment Manager has a known security vulnerability (CVE-2011-2730)
|ALERT - OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 9th July 2015)
|SAS® Environment Manager has known high-severity security issues
|OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 3rd May 2016)
|ALERT - The SAS® Environment Manager agent log might contain a security vulnerability
|SAS® Environment Manager exhibits a session-fixation vulnerability
|SAS® Environment Manager exhibits a Reflected File Download vulnerability
|ALERT - The Apache Commons Collections library is vulnerable to remote code execution
|OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 26th September 2016)
|The SAS® 9.4 Installation Qualification Tool (W83001 Update) installation fails
|ALERT - OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 2nd January 2017)
|A cross-site scripting vulnerability exists in the SAS® Environment Manager administrative application
|ALERT - The JCraft and JSch libraries that reside in the SAS® Environment Manager server and agent are vulnerable to directory traversal
|SAS® Environment Manager contains commons-beanutils libraries that are vulnerable to CVE-2014-0114
|OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 26th January 2017)
|SAS® Web Server uses an end-of-life version of the Apache 2.2 Server
|SAS® Environment Manager contains security vulnerabilities (multiple CVEs)
|OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 27th March 2018)
|SAS® Environment Manager contains a stored cross-site scripting vulnerability
|SAS® Environment Manager is vulnerable to jackson-databind vulnerabilities
|SAS® Environment Manager Server is affected by multiple Apache Tomcat vulnerabilities
|SAS® Environment Manager contains vulnerable Apache Struts libraries
|NOTE: If you install this hot fix and have SAS Environment Manager Agent 2.1 installed, you should also install hot fix Y47005.
|D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
PLEASE CAREFULLY READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") BEFORE DOWNLOADING MATERIALS FROM THIS SITE. BY DOWNLOADING ANY MATERIALS FROM THIS SITE, YOU ARE AGREEING TO THESE TERMS.
You are downloading software code ("Code") which will become part of a product ("Software") you currently have licensed from SAS Institute Inc. or one of its subsidiaries ("the Institute"). this Code is designed to either correct an error in the Software or to add functionality to the Software. The code is governed by the same agreement which governs the Software. If you do not have an existing agreement with the Institute governing the Software, you may not download the Code.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies.
Copyright © 2019 SAS Institute Inc. All Rights Reserved.