CVE-2025-52451

CVSS v3.1

8.5

High

Vector

AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19

Description: An improper input validation issue exists in the tabdoc api - create-data-source-from-file-upload modules of Tableau Server on Windows and Linux, allowing for absolute path traversal.

Recommendations: Update Tableau Server to version 2025.1.3 or later. Update Tableau Server to version 2024.2.12 or later. Update Tableau Server to version 2023.3.19 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2025-52451

Affected Products

Tableau Server

CVE-2025-52451

Weakness Enumeration

Related Identifiers

Affected Products

References · 6