Highest overall severity: High


Summary:

A user connecting to a malicious Web Data Connector with Tableau Desktop on Mac can trigger a vulnerability.


Impact:

An attacker exploiting this vulnerability may be able to execute arbitrary code or cause a crash.


Products and Versions: Tableau Server | Tableau Desktop | Tableau Bridge | Tableau Prep Builder | Tableau Reader | Tableau Mobile | Tableau Public Desktop
Versions that are no longer supported are not tested and may be vulnerable.


Tableau Server

Severity: N/A
CVSS3 Score: N/A
Product specific notes: Not affected.


Tableau Desktop (Back to top of page)

Severity: High
CVSS3 Score: AV:N AC:H PR:N UI:R S:U C:H I:H A:H - 7.0 High


Vulnerable versions:

  • Tableau Desktop on Mac 10.1 through 10.1.22
  • Tableau Desktop on Mac 10.2 through 10.2.18


Resolved in versions:

  • Tableau Desktop on Mac 10.1.23
  • Tableau Desktop on Mac 10.2.19


Tableau Bridge (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product specific notes: Not affected.


Tableau Prep Builder (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product specific notes: Not affected.


Tableau Reader (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product specific notes: Not affected.


Tableau Mobile (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product specific notes: Not affected.


Tableau Public Desktop (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product specific notes: Not affected.