CVE-2025-52449 - CERT CVE

  1. CVE-2025-52449

ID CVE-2025-52449
Sažetak Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Extensible Protocol Service modules) allows Alternative Execution Due to Deceptive Filenames (RCE). This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Reference
CVSS
Base: 8.5
Impact: 5.8
Exploitability:2.1
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Zadnje važnije ažuriranje 25-07-2025 - 20:15
Objavljeno 25-07-2025 - 19:15