CVE-2025-52454

Name of the Vulnerable Software and Affected Versions Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19

Description A Server-Side Request Forgery (SSRF) vulnerability exists in Tableau Server on Windows and Linux systems when using the Amazon S3 Connector modules. This issue allows for Resource Location Spoofing.

Recommendations Update Tableau Server to version 2025.1.3 or later. Update Tableau Server to version 2024.2.12 or later. Update Tableau Server to version 2023.3.19 or later.