3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.975 High
EPSS
Percentile
100.0%
07/18/2014
High
An obsolete version of OpenSSL was found in Tableau. By exploiting this vulnerability malicious users can cause denial of service, obtain sensitive information and bypass security. This vulnerability can be exploited remotely.
Tableau server 8.1. versions 8.1.12 and earlier
Tableau server 8.2. versions 8.2.4 and earlier
Update to latest version
ACE
CVE-2014-35664.3Warning
CVE-2014-35684.3Warning
CVE-2014-35137.1High
CVE-2014-35677.1High
Public exploits exist for this vulnerability.
www.tableausoftware.com/support/releases
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Tableau-Server/
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.975 High
EPSS
Percentile
100.0%