MidnightBSD

Advisories for tableausoftware

CVE-2014-1204 HIGH

SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
tableausoftware tableau_server 8.1
tableausoftware tableau_server 8.0.1
tableausoftware tableau_server 8.0.5
tableausoftware tableau_server 8.0.3
tableausoftware tableau_server 8.1.1
tableausoftware tableau_server 8.0
tableausoftware tableau_server 8.0.6
tableausoftware tableau_server 8.0.2
tableausoftware tableau_server 8.0.4