VDB
CISA-2025-26495
CISA-2025-26495
PUBLISHED
CVSS 7.5 HIGH
Reported by Salesforce · Published February 11, 2025
Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This issue affects Tableau Server: before 2022.1.3, before 2021.4.8, before 2021.3.13, before 2021.2.14, before 2021.1.16, before 2020.4.19.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Salesforce | Tableau Server | 0, 0, 0 |
| Salesforce | Tableau Server | 0, 0, 0 |
Timeline
- Feb 11, 2025 CVE Published
- Mar 4, 2025 CVE Updated