CVE-2025-26495

CVE-2025-26495: Sensitive Data Exposure in Tableau Server

Vendor Salesforce
Product Tableau Server
Weakness CWE-312 · Cleartext storage
Published February 11, 2025
Last update March 4, 2025

CVSS base score

What the vulnerability does

01Description

Cleartext Storage of Sensitive Information vulnerability in Salesforce Tableau Server can record the Personal Access Token (PAT) into logging repositories.This issue affects Tableau Server: before 2022.1.3, before 2021.4.8, before 2021.3.13, before 2021.2.14, before 2021.1.16, before 2020.4.19.

Key dates

02Disclosure timeline

February 11, 2025 CVE published
March 4, 2025 Record updated