SAS® Web Application Server contains versions of Apache Tomcat and ActiveMQ with known vulnerabilities


Severity: High

Description: SAS Web Application Server on SAS® 9.4M8 (TS1M8) and SAS® 9.4M9 (TS1M9) contains versions of Tomcat and ActiveMQ that are known to be affected by the following vulnerabilities:

SAS 9.4M8

SAS 9.4M9

Potential Impact: See the CVE records for additional information.