Skip navigation
2016

Summary: On January 28, 2016 OpenSSL announced a high-severity vulnerability involving the use of Diffie-Hellman parameters based on unsafe primes. Our current determination is that Tableau Server, Tableau Desktop, Tableau Online, and Tableau Public are not affected by this vulnerability.

 

NVD Announcement for CVE-2016-0701: https://www.openssl.org/news/secadv/20160128.txt

Severity: Medium

 

Summary: When Salesforce Canvas Adapter for Tableau (also known as Tableau Sparkler) is used with Salesforce, under certain circumstances an authenticated user can impersonate another Tableau Server user.  See this KB article for more information.

 

Vulnerable Versions:

All versions of Salesforce Canvas Adapter for Tableau, also known as Tableau Sparkler, through 1.0.1

 

Resolution: The issue can be fixed by upgrading to the following Sparkler version:

Tableau Sparklers 1.0.2