CNNVD-202507-3338 Information

CNNVD ID

CNNVD-202507-3338

Related CVE

CVE-2025-52454

• CNNVD Published: 2025-07-25

Description (Chinese)

Salesforce Tableau Server是Salesforce公司的一个数据可视化分析平台。 Salesforce Tableau Server 2025.1.3之前版本、2024.2.12之前版本和2023.3.19之前版本存在安全漏洞，该漏洞源于Amazon S3 Connector模块验证不足，可能导致服务端请求伪造。

Description (English)

Salesforce Tableau Server is a data visualization analysis platform for Salesforce. There is a security loophole in previous editions of Salesforce Tableau Server 2025.1.3, 2024.2.12 and 2023.3.19, which stems from inadequate validation of the Amazon S3 Contractor module, which may result in the forgery of service-level requests.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Salesforce

Published

2025-07-25

Last Modified

2026-02-24

References

https://help.salesforce.com/s/articleView?id=005105043&type=1 https://access.redhat.com/security/cve/cve-2025-52454

Patch

https://www.tableau.com/support/releases/server