Salesforce Tableau Server Cleartext Storage of Personal Access Token Vulnerability

Vulnerability

A vulnerability exists in Salesforce Tableau Server that allows for the cleartext storage of sensitive information, specifically Personal Access Tokens (PATs), in logging repositories. This issue affects Tableau Server versions prior to 2022.1.3, 2021.4.8, 2021.3.13, 2021.2.14, 2021.1.16, and 2020.4.19.

Impact

The vulnerability could lead to the unintentional exposure of Personal Access Tokens in log files, potentially allowing unauthorized access to user accounts or data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Salesforce Tableau Server Cleartext Storage of Personal Access Token Vulnerability

Vulnerability

Impact

Affected Products

Salesforce Tableau Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating