Vulnerabilities > Tableau > Tableau Server

DATE CVE VULNERABILITY TITLE RISK
2022-10-17 CVE-2022-22128 Path Traversal vulnerability in Tableau Server
Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code execution.Tableau only supports product versions for 24 months after release.
network
low complexity
tableau CWE-22
critical
9.8
2022-05-25 CVE-2022-22127 Unspecified vulnerability in Tableau Server
Tableau is aware of a broken access control vulnerability present in Tableau Server affecting Tableau Server customers using Local Identity Store for managing users.
network
low complexity
tableau
7.2
2021-03-26 CVE-2021-1629 Open Redirect vulnerability in Tableau Server
Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users.
network
low complexity
tableau CWE-601
6.1
2020-11-23 CVE-2020-6939 Unspecified vulnerability in Tableau Server
Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users.
network
low complexity
tableau
critical
9.8
2020-07-08 CVE-2020-6938 Information Exposure Through Log Files vulnerability in Tableau Server
A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files.
network
low complexity
tableau CWE-532
7.5
2019-12-11 CVE-2019-19719 Cross-site Scripting vulnerability in Tableau Server
Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page.
network
low complexity
tableau CWE-79
6.1
2019-08-26 CVE-2019-15637 XXE vulnerability in Tableau products
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS.
network
low complexity
tableau CWE-611
8.1