Severity: Medium

 

Summary: A malicious workbook that has a refresh job scheduled on it can cause the Backgrounder service to crash and fail to process any subsequent jobs.

 

Impact: The Backgrounder service will repeatedly crash and no new jobs will be processed.

 

Vulnerable Versions:  The following versions have this vulnerability:

Tableau Server 2018.2.0 through 2018.2.3

Tableau Server 2018.3.0

Tableau Server on Linux 2018.2.0 through 2018.2.3

Tableau Server on Linux 2018.3.0

 

 

Resolution: The issue can be fixed by upgrading to the following version:

Tableau Server 2018.2.4

Tableau Server 2018.3.1

Tableau Server on Linux 2018.2.4

Tableau Server on Linux 2018.3.1