Last Modified Date: 02 Mar 2018
- Tableau Server
- Tableau Online
AnswerCWE 287 indicates a class of vulnerabilities related to improper authentication. CERT VU#475445 addresses a specific improper authentication issue regarding SAML libraries underneath this general classification.
Tableau Server and Tableau Online do not use any of the affected libraries. Tableau uses the Java version of openSAML from the Shibboleth Consortium and this version of the Java library is not affected by this vulnerability.
Internal testing done by our Product Security team has also confirmed that Tableau Server and Online are not affected.
Additional InformationCWE-287: Improper Authentication
Vulnerability Note VU#475445
Thank you for providing your feedback on the effectiveness of the article.
Open new Case
Training and Tutorials