Vulnerabilities > SAS > Integration Technologies
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-12 | CVE-2023-4932 | Cross-site Scripting vulnerability in SAS Integration Technologies 9.4 SAS application is vulnerable to Reflected Cross-Site Scripting (XSS). | 5.4 |
2002-12-31 | CVE-2002-2018 | Unspecified vulnerability in SAS Base and Integration Technologies sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault. | 7.2 |
2002-12-31 | CVE-2002-2017 | Local Root Code Execution vulnerability in SAS SASTCPD sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd. | 10.0 |