KNOWLEDGE BASE

CVE-2021-41773 and CVE-2021-42013 Vulnerabilities


Published: 12 Oct 2021
Last Modified Date: 13 Oct 2021

Issue

Security scanning software might show CVE-2021-41773 and CVE-2021-42013 vulnerabilities.

Environment

Tableau Server releases prior to October 2021, that is Tableau Server 2021.3.1.

Resolution

Check the Apache Server version by navigating to the OpenSSL executable and running the command:

httpd -v

If the version is less than 2.4.49, then Tableau Server is not affected

Cause

CVE-2021-41773 and CVE-2021-42013 apply to Apache Server 2.4.49 and 2.4.50 

Additional Information

The Apache component is being upgraded in newer Tableau releases, and this might affect future releases.  
Did this article resolve the issue?