Sas Web Infrastructure Platform vulnerabilities
3 known vulnerabilities affecting sas/web_infrastructure_platform.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-20732P2CRITICALCVSS 9.8fixed in 9.4v9.42019-01-17
CVE-2018-20732 [CRITICAL] CWE-502 CVE-2018-20732: SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a
SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant.
nvd
CVE-2018-20733P3HIGHCVSS 7.5fixed in 9.4v9.42019-01-17
CVE-2018-20733 [HIGH] CWE-611 CVE-2018-20733: BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
nvd
CVE-2015-9281P4MEDIUMCVSS 6.1fixed in 9.4v9.42019-01-17
CVE-2015-9281 [MEDIUM] CWE-79 CVE-2015-9281: Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout pa
Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout page.
nvd