Severity: Medium


Summary: Tableau Services Manager (TSM) passes a sensitive value via the command line during node initialization.


TSM is included with Tableau Server on Linux.  Tableau Server on Windows in not affected by this vulnerability.


Impact: Malicious users with access to the host and the ability to view the process list, could view process attributes, including the TSM administrator password.


Vulnerable Versions:  The following versions have this vulnerability:

Tableau Server on Linux 2018.1 (through 2018.1.0).


Resolution: The issue can be fixed by upgrading to the following version:

Tableau Server on Linux 2018.1.1