CPE Details
Tableau Server 2018.2.8
2018.2.8
2019-12-08 17:08 +00:00
2019-12-08 17:08 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:tableau:tableau_server:2018.2.8:*:*:*:*:*:*:*
Informations
Vendor
tableauProduct
tableau_serverVersion
2018.2.8Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions affected on both Windows and Linux are: 2018.2 through 2018.2.27, 2018.3 through 2018.3.24, 2019.1 through 2019.1.22, 2019.2 through 2019.2.18, 2019.3 through 2019.3.14, 2019.4 through 2019.4.13, 2020.1 through 2020.1.10, 2020.2 through 2020.2.7, and 2020.3 through 2020.3.2. | 9.8 |
CRITICAL |
||
| A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files. | 7.5 |
HIGH |
||
| Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via the embeddedAuthRedirect page. | 6.1 |
MEDIUM |
||
| Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop. | 8.1 |
HIGH |
2024©
tesweb SA
