Tableau Server
Approved changes feed: RSS · Atom
cpe:2.3:a:salesforce:tableau_server:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Salesforce (cfdafdea-90cf-5590-ad24-239f205b7d02) |
|---|---|
| Product | Tableau Server (0d0eca8e-56a2-5809-8cdd-fb0f742faecf) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-52455 |
vulnerable | 2026-06-03 15:01:59.271449 |
Details available
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (EPS Server modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T19:11:47.772Z
Updated: 2025-07-25T20:35:15.934Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52454 |
vulnerable | 2026-06-03 15:01:59.271017 |
Details available
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Amazon S3 Connector modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T19:08:59.366Z
Updated: 2026-03-23T20:15:14.290Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52453 |
vulnerable | 2026-06-03 15:01:59.270340 |
Details available
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T19:05:50.905Z
Updated: 2025-07-25T20:13:23.380Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52452 |
vulnerable | 2026-06-03 15:01:59.269870 |
Details available
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - duplicate-data-source modules) allows Absolute Path Traversal. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T19:00:05.794Z
Updated: 2025-07-25T20:09:34.151Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52451 |
vulnerable | 2026-06-03 15:01:59.269335 |
Details available
Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-08-22T20:20:12.596Z
Updated: 2025-08-22T21:03:09.804Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52450 |
vulnerable | 2026-06-03 15:01:59.268719 |
Details available
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-08-22T20:18:19.554Z
Updated: 2025-08-27T14:55:29.097Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52449 |
vulnerable | 2026-06-03 15:01:59.268194 |
Details available
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Extensible Protocol Service modules) allows Alternative Execution Due to Deceptive Filenames (RCE). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T18:56:25.554Z
Updated: 2026-02-26T17:50:14.493Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52448 |
vulnerable | 2026-06-03 15:01:59.267601 |
Details available
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (validate-initial-sql api modules) allows Interface Manipulation (data access to the production database cluster). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T18:53:39.834Z
Updated: 2025-07-25T19:12:16.762Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52447 |
vulnerable | 2026-06-03 15:01:59.266974 |
Details available
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (set-initial-sql tabdoc command modules) allows Interface Manipulation (data access to the production database cluster). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T18:50:03.762Z
Updated: 2025-07-25T19:12:47.257Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-52446 |
vulnerable | 2026-06-03 15:01:59.261500 |
Details available
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (tab-doc api modules) allows Interface Manipulation (data access to the production database cluster).This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-07-25T18:43:13.357Z
Updated: 2025-07-25T18:59:45.501Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26498 |
vulnerable | 2026-06-03 14:59:59.347713 |
Details available
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (establish-connection-no-undo modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-08-22T20:16:04.606Z
Updated: 2025-08-25T20:40:42.621Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26497 |
vulnerable | 2026-06-03 14:59:59.347234 |
Details available
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Editor modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Published: 2025-08-22T20:13:13.441Z
Updated: 2025-08-25T20:41:21.628Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26495 |
vulnerable | 2026-06-03 14:59:59.344831 |
Sensitive Data Exposure in Tableau Server
Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This issue affects Tableau Server: before 2022.1.3, before 2021.4.8, before 2021.3.13, before 2021.2.14, before 2021.1.16, before 2020.4.19.
Published: 2025-02-11T17:56:38.732Z
Updated: 2025-03-04T20:15:58.653Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26494 |
vulnerable | 2026-06-03 14:59:59.343310 |
Server Side Request Forgery vulnerability in Tableau Server
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows Authentication Bypass.This issue affects Tableau Server: from 2023.3 through 2023.3.5.
Published: 2025-02-11T17:33:53.360Z
Updated: 2025-02-19T21:16:20.388Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.