SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-01-31 15:07
Updated : 2024-02-28 12:20
NVD link : CVE-2014-1204
Mitre link : CVE-2014-1204
CVE.ORG link : CVE-2014-1204
JSON object : View
Products Affected
tableausoftware
- tableau_server
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')