Shodan
Vulnerabilities
Vulnerable Software
Tableau:  >> Tableau Server  >> 10.1.23  Security Vulnerabilities
CVE-2025-52450
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-52451
Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.5
EPSS Score
0.0
Published
2025-08-22
CVE-2025-52453
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52454
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Amazon S3 Connector modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52455
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (EPS Server modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52446
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (tab-doc api modules) allows Interface Manipulation (data access to the production database cluster).This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52447
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (set-initial-sql tabdoc command modules) allows Interface Manipulation (data access to the production database cluster). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (validate-initial-sql api modules) allows Interface Manipulation (data access to the production database cluster). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52449
Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Extensible Protocol Service modules) allows Alternative Execution Due to Deceptive Filenames (RCE). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.5
EPSS Score
0.0
Published
2025-07-25
CVE-2025-52452
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - duplicate-data-source modules) allows Absolute Path Traversal. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
CVSS Score
8.5
EPSS Score
0.001
Published
2025-07-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved