VDB

CISA-2025-26495

CISA-2025-26495 PUBLISHED CVSS 7.5 HIGH

Reported by Salesforce · Published February 11, 2025

Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This issue affects Tableau Server: before 2022.1.3, before 2021.4.8, before 2021.3.13, before 2021.2.14, before 2021.1.16, before 2020.4.19.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
SalesforceTableau Server0, 0, 0
SalesforceTableau Server0, 0, 0

Timeline

  • Feb 11, 2025 CVE Published
  • Mar 4, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›