Sas Integration Technologies — known CVE vulnerabilities
Every CVE whose affected-product data names Sas Integration Technologies, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2002-2017 — CVSS 10.0 (critical): sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious…
CVE-2002-2018 — CVSS 7.2 (high): sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a…
CVE-2023-4932 — CVSS 6.3 (medium): SAS application is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in the `_program` parameter of the the…