Severity: High

Summary: The 'readonly' and 'tableau' users in the repository are intended to have limited access to the tables in the repository. See "Collect Data with the Tableau Server Repository" (Windows | Linux).

By default, these accounts have access to tables in the repository. This vulnerability exposes write access to two tables in the repository that may contain workbook information.

Impact: Malicious users with access to the 'readonly' or 'tableau' repository accounts can access datasources that are embedded in published workbooks. Malicious users may also modify the contents of workbooks stored in the vulnerable tables.

Mitigation: Disable access to the repository for the 'readonly' and 'tableau' user accounts:

Windows: http://onlinehelp.tableau.com/v2018.1/server/en-us/tabadmin_cmd.htm#dbpass

Linux: https://onlinehelp.tableau.com/v2018.1/server-linux/en-us/cli_data-access.htm#repository-access-disable
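A way to verify the mitigation, or to confirm exposure before upgrading, added here and not part of the advisory: a query against the repository's PostgreSQL database that lists every table on which the 'readonly' or 'tableau' role still holds a write privilege. It assumes you connect to the repository database as an administrative account that can read the catalog; the database name "workgroup" and the account "tblwgadmin" used in the comment are assumptions, not taken from the advisory.

```sql
-- Added audit query (not from the advisory). Run it against the Tableau
-- repository database (assumed name: "workgroup") as an administrative
-- repository account (assumed: tblwgadmin), e.g. via psql.
-- has_table_privilege() is evaluated from the catalog, so the result does
-- not depend on which role ran the GRANT.
-- An empty result means both roles are read-only on every user table,
-- which is the intended state; any row is a table that still accepts
-- writes from the account named in role_name.
SELECT r.rolname   AS role_name,
       n.nspname   AS table_schema,
       c.relname   AS table_name,
       has_table_privilege(r.rolname, c.oid, 'INSERT') AS can_insert,
       has_table_privilege(r.rolname, c.oid, 'UPDATE') AS can_update,
       has_table_privilege(r.rolname, c.oid, 'DELETE') AS can_delete
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
CROSS JOIN pg_roles r
WHERE c.relkind IN ('r', 'v')                       -- ordinary tables and views
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND r.rolname IN ('readonly', 'tableau')          -- roles named in the advisory
  AND (   has_table_privilege(r.rolname, c.oid, 'INSERT')
       OR has_table_privilege(r.rolname, c.oid, 'UPDATE')
       OR has_table_privilege(r.rolname, c.oid, 'DELETE'))
ORDER BY role_name, table_schema, table_name;
```

If repository access has already been disabled for these accounts, the roles no longer appear in pg_roles and the query returns no rows for them; re-run it after an upgrade to confirm the fixed version removed the write grants.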

Vulnerable Versions: The following versions have this vulnerability:

Tableau Server: 9.2 through 9.2.23

Tableau Server: 9.3 through 9.3.21

Tableau Server: 10.0 through 10.0.17

Tableau Server: 10.1 through 10.1.16

Tableau Server: 10.2 through 10.2.12

Tableau Server: 10.3 through 10.3.10

Tableau Server: 10.4 through 10.4.6

Tableau Server on Windows: 10.5 through 10.5.3

Tableau Server on Linux: 10.5 through 10.5.3

Tableau Server on Windows: 2018.1

Tableau Server on Linux: 2018.1

Resolution: The issue can be fixed by upgrading to one of the following versions:

Tableau Server: 9.2.24

Tableau Server: 9.3.22

Tableau Server: 10.0.18

Tableau Server: 10.1.17

Tableau Server: 10.2.13

Tableau Server: 10.3.11

Tableau Server: 10.4.7

Tableau Server on Windows: 10.5.4

Tableau Server on Linux: 10.5.4

Tableau Server on Windows: 2018.1.1

Tableau Server on Linux: 2018.1.1