Severity: Medium


Summary: Tableau Server writes some sensitive information to the log files in plain text.


Impact: Malicious users with access to Tableau logs can access passwords to data sources or secrets used to encrypt private keys used in SSL/TLS communication.


Vulnerable Version: Tableau Server 10.2 (through 10.2.1).


Resolution: The issue can be fixed by upgrading to the following Tableau Server version:


Tableau Server: 10.2.2