CNNVD-202508-2675 Information

CNNVD ID

CNNVD-202508-2675

Related CVE

CVE-2025-26497

• CNNVD Published: 2025-08-22

Description (Chinese)

Salesforce Tableau Server是Salesforce公司的一个数据可视化分析平台。 Salesforce Tableau Server 2025.1.3之前版本、2024.2.12之前版本和2023.3.19之前版本存在安全漏洞，该漏洞源于任意文件上传可能导致绝对路径遍历。

Description (English)

Salesforce Tableau Server is a data visualization analysis platform for Salesforce. There is a security loophole in previous editions of Salesforce Tableau Server 2025.1.3, 2024.2.12 and 2023.3.19, which stems from the possibility that any uploading of documents could lead to an absolute path.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Salesforce

Published

2025-08-22

Last Modified

2026-02-24

References

https://help.salesforce.com/s/articleView?id=005132575&type=1 https://nvd.nist.gov/vuln/detail/CVE-2025-26497 https://access.redhat.com/security/cve/cve-2025-26497

Patch

https://www.tableau.com/support/releases/server