Severity: High.
Description: The HashiCorp Vault component used in SAS Viya 3.5 is affected by the following CVE:
Potential Impact: Vault and Vault Enterprise (“Vault”) are vulnerable to an unauthenticated denial of service when processing JSON payloads.
Note: The Vault version has been updated to 1.21.0. SAS recommends that you update your environment to address this issue. See Updating Your SAS Viya Software for more information.