Salesforce Tableau Server

14 CVEs affecting Salesforce Tableau Server. Latest disclosed: 2025-08-22. Critical: 0, High: 12.

Top CVEs affecting Salesforce Tableau Server
CVESeverityScorePublishedSummary
CVE-2025-52451High8.52025-08-22Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolu…
CVE-2025-52452High8.52025-07-25Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - dupli…
CVE-2025-52449High8.52025-07-25Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Extensible Protocol Service modules) allows Alter…
CVE-2025-52454High8.22025-07-25Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Amazon S3 Connector modules) allows Resource Location Spoofing…
CVE-2025-52453High8.22025-07-25Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source modules) allows Resource Location Spoofing. T…
CVE-2025-52448High8.12025-07-25Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (validate-initial-sql api modules) allows Interfa…
CVE-2025-52447High8.12025-07-25Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (set-initial-sql tabdoc command modules) allows I…
CVE-2025-52446High8.02025-07-25Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux (tab-doc api modules) allows Interface Manipulati…
CVE-2025-26494High7.72025-02-11Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows Authentication Bypass.This issue affects Tableau Server: from 2023.3 throu…
CVE-2025-26495High7.52025-02-11Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This…
CVE-2025-26498High7.32025-08-22Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (establish-connection-no-undo modules) allows Abso…
CVE-2025-26497High7.32025-08-22Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Editor modules) allows Absolute Path Travers…
CVE-2025-52450Medium6.52025-08-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create…
CVE-2025-52455Medium5.32025-07-25Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (EPS Server modules) allows Resource Location Spoofing. This is…