Описание
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-15637
- https://community.tableau.com/community/security-bulletins/blog/2019/08/22/important-adv-2019-030-xxe-vulnerability-in-tableau-products
- https://github.com/minecrater/exploits/blob/master/TableauXXE.py
- https://packetstormsecurity.com/files/154232/Tableau-XML-Injection.html
Связанные уязвимости
CVSS3: 8.1
nvd
больше 6 лет назад
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.