Severity: Medium

 

Summary: Tableau Server writes some sensitive information to the log files in plain text.

 

Impact: Malicious users with access to Tableau logs can access passwords to data sources or secrets used to encrypt private keys used in SSL/TLS communication.

 

Vulnerable Version: Tableau Server 10.2 (through 10.2.1).

 

Resolution: The issue can be fixed by upgrading to the following Tableau Server version:

 

Tableau Server: 10.2.2