Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-22128

Опубликовано: 17 окт. 2022
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code execution.Tableau only supports product versions for 24 months after release. Older versions have reached their End of Life and are no longer supported. They are also not assessed for potential security issues and do not receive security updates.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*
Версия от 2020.4 (включая) до 2020.4.20 (включая)
cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*
Версия от 2021.1 (включая) до 2021.1.17 (включая)
cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*
Версия от 2021.2 (включая) до 2021.2.15 (включая)
cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*
Версия от 2021.3 (включая) до 2021.3.14 (включая)
cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*
Версия от 2021.4 (включая) до 2021.4.9 (включая)
cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*
Версия от 2022.1 (включая) до 2022.1.4 (включая)

EPSS

Процентиль: 82%
0.01694
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-22
CWE-22

Связанные уязвимости

github логотип

GHSA-mchj-fc27-3mfm

CVSS3: 9.8
github
больше 2 лет назад

Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code execution.Tableau only supports product versions for 24 months after release. Older versions have reached their End of Life and are no longer supported. They are also not assessed for potential security issues and do not receive security updates.

EPSS

Процентиль: 82%
0.01694
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-22
CWE-22