Vulnerabilities > Tableau > Tableau Server
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-17 | CVE-2022-22128 | Path Traversal vulnerability in Tableau Server Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code execution.Tableau only supports product versions for 24 months after release. | 9.8 |
2022-05-25 | CVE-2022-22127 | Unspecified vulnerability in Tableau Server Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users. | 7.2 |
2021-03-26 | CVE-2021-1629 | Open Redirect vulnerability in Tableau Server Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users. | 6.1 |
2020-11-23 | CVE-2020-6939 | Unspecified vulnerability in Tableau Server Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. | 9.8 |
2020-07-08 | CVE-2020-6938 | Information Exposure Through Log Files vulnerability in Tableau Server A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files. | 7.5 |
2019-12-11 | CVE-2019-19719 | Cross-site Scripting vulnerability in Tableau Server Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page. | 6.1 |
2019-08-26 | CVE-2019-15637 | XXE vulnerability in Tableau products Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. | 8.1 |