CVE-2025-52450

Medium CVSS: 6.5

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.

Vendor

Tableau

Product

Tableau Server

CWE

CWE-22

Yayın Tarihi

2025-08-22 21:15:32

Güncelleme

2025-10-31 13:13:29

Source Identifier

security@salesforce.com

KEV Date Added

Kategoriler

CWE-22 Tableau Server MEDIUM Tableau 2025

Referanslar

https://help.salesforce.com/s/articleView?id=005132575&type=1

Benzer Kayıtlar

High

CVE-2025-52451

Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-…

Critical

CVE-2025-26496

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Deskto…

High

CVE-2025-26497

Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Edito…

High

CVE-2025-26498

Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (establish-…

High

CVE-2025-52453

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source module…

High

CVE-2025-52454

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Amazon S3 Connector mod…