Описание
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-1204
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90730
- https://www.trustwave.com/spiderlabs/advisories/TWSL2014-003.txt
- http://osvdb.org/102568
- http://secunia.com/advisories/56620
- http://www.exploit-db.com/exploits/31578
- http://www.securityfocus.com/bid/65171
- http://www.securitytracker.com/id/1029706
- http://www.tableausoftware.com/support/releases/8.0.7
- http://www.tableausoftware.com/support/releases/812
Связанные уязвимости
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.