Highest overall severity: Medium


Summary:

Extracts created on Tableau Server with web authoring are not encrypted even if "Encrypted" was selected.


Impact:

Extracts that Tableau Server reports as encrypted are stored in plaintext.

 

Products and Versions: Tableau Server | Tableau Desktop | Tableau Bridge | Tableau Prep | Tableau Reader | Tableau Mobile | Tableau Public Desktop
*Versions that are no longer supported are not tested and may be vulnerable.


Tableau Server

Severity: Medium
CVSS3 Score: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N - 4.7 Medium
Product Specific Notes: None.

Vulnerable versions:

  • Tableau Server on Linux 2019.4 through 2019.4.0

  • Tableau Server on Windows 2019.4 through 2019.4.0


Resolved in versions:

  • Tableau Server on Linux 2019.4.1

  • Tableau Server on Windows 2019.4.1

 

Tableau Desktop (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.

 

Tableau Bridge (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.

 

Tableau Prep (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.

 

Tableau Reader (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.

 

Tableau Mobile (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.

 

Tableau Public Desktop (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.