SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tableausoftware | tableau_server | 8.1 |
| tableausoftware | tableau_server | 8.0.1 |
| tableausoftware | tableau_server | 8.0.5 |
| tableausoftware | tableau_server | 8.0.3 |
| tableausoftware | tableau_server | 8.1.1 |
| tableausoftware | tableau_server | 8.0 |
| tableausoftware | tableau_server | 8.0.6 |
| tableausoftware | tableau_server | 8.0.2 |
| tableausoftware | tableau_server | 8.0.4 |