Highest overall severity: High


Summary:

Tableau Server configured with an external Active Directory identity store can be forced to attempt to find users in a domain other than the one configured. An unauthenticated attacker can capture the Tableau Server Run As service account NTLMv1 password hash during this operation.


Impact:

The Run As service account password could be discovered by a brute-force attack of the NTLMv1 hash.


Products and Versions: Tableau Server | Tableau Desktop | Tableau Bridge | Tableau Prep | Tableau Reader | Tableau Mobile | Tableau Public Desktop
*Versions that are no longer supported are not tested and may be vulnerable.


Tableau Server

Severity: High
CVSS3 Score: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N - 7.5 High
Product Specific Notes: This only affects Tableau Servers configured to use an Active Directory identity store.

Vulnerable versions:

  • Tableau Server on Linux 10.5.0 through 10.5.22
  • Tableau Server on Linux 2018.1.0 through 2018.1.19
  • Tableau Server on Linux 2018.2.0 through 2018.2.16
  • Tableau Server on Linux 2018.3.0 through 2018.3.13
  • Tableau Server on Linux 2019.1.0 through 2019.1.11
  • Tableau Server on Linux 2019.2.0 through 2019.2.7
  • Tableau Server on Linux 2019.3.0 through 2019.3.3
  • Tableau Server on Linux 2019.4.0 through 2019.4.1

  • Tableau Server on Windows 10.4.0 through 10.4.23
  • Tableau Server on Windows 10.5.0 through 10.5.22
  • Tableau Server on Windows 2018.1.0 through 2018.1.19
  • Tableau Server on Windows 2018.2.0 through 2018.2.16
  • Tableau Server on Windows 2018.3.0 through 2018.3.13
  • Tableau Server on Windows 2019.1.0 through 2019.1.11
  • Tableau Server on Windows 2019.2.0 through 2019.2.7
  • Tableau Server on Windows 2019.3.0 through 2019.3.3
  • Tableau Server on Windows 2019.4.0 through 2019.4.1


Resolved in versions:

  • Tableau Server on Linux 10.5.23
  • Tableau Server on Linux 2018.1.20
  • Tableau Server on Linux 2018.2.17
  • Tableau Server on Linux 2018.3.14
  • Tableau Server on Linux 2019.1.12
  • Tableau Server on Linux 2019.2.8
  • Tableau Server on Linux 2019.3.4
  • Tableau Server on Linux 2019.4.2

  • Tableau Server on Windows 10.4.24
  • Tableau Server on Windows 10.5.23
  • Tableau Server on Windows 2018.1.20
  • Tableau Server on Windows 2018.2.17
  • Tableau Server on Windows 2018.3.14
  • Tableau Server on Windows 2019.1.12
  • Tableau Server on Windows 2019.2.8
  • Tableau Server on Windows 2019.3.4
  • Tableau Server on Windows 2019.4.2


Tableau Desktop (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.


Tableau Bridge (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.


Tableau Prep (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.


Tableau Reader (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.


Tableau Mobile (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.


Tableau Public Desktop (Back to top of page)

Severity: N/A
CVSS3 Score: N/A
Product Specific Notes: Not affected.


Acknowledgement: This vulnerability was discovered by Jason Juntunen.