CVE-2025-26494

7.7 HIGH

📋 TL;DR

A Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server versions 2023.3 through 2023.3.5 allows attackers to bypass authentication mechanisms. This affects organizations running vulnerable Tableau Server instances, potentially exposing sensitive data and internal systems.

💻 Affected Systems

Products:
  • Salesforce Tableau Server
Versions: 2023.3 through 2023.3.5
Operating Systems: All supported Tableau Server OS platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All Tableau Server installations within the affected version range are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could bypass authentication entirely, access sensitive data, pivot to internal systems, and potentially achieve remote code execution.

🟠 Likely Case: Unauthorized access to Tableau dashboards and data, data exfiltration, and internal network reconnaissance.

🟢 If Mitigated: Limited impact with proper network segmentation, authentication controls, and monitoring in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires familiarity with SSRF techniques and Tableau Server's architecture, but no authentication is needed once the vulnerability is triggered.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2023.3.6 or later

Vendor Advisory: https://help.salesforce.com/s/articleView?id=001534936&type=1

Restart Required: No

Instructions:

1. Download Tableau Server 2023.3.6 or later from Salesforce.
2. Run the installer to upgrade.
3. Verify the upgrade completed successfully.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Restrict Tableau Server's outbound network access to prevent SSRF exploitation.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Tableau Server from sensitive internal systems
  • Deploy web application firewall (WAF) rules to detect and block SSRF patterns

🔍 How to Verify

Check if Vulnerable:

Check the Tableau Server version via the Tableau Services Manager (TSM) web interface or the command line.

Check Version:

tsm version

Verify Fix Applied:

Confirm the version is 2023.3.6 or later and test the authentication mechanisms.
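The version check above, as an added example that is not part of this advisory: a POSIX shell function that decides whether a Tableau Server version string falls inside the affected range 2023.3 through 2023.3.5, with the version passed in explicitly because the exact output format of `tsm version` is assumed rather than taken from the page.

```shell
#!/bin/sh
# Added example, not from the advisory. is_affected VERSION exits 0 when
# VERSION is within 2023.3 .. 2023.3.5, 1 when it is outside that range,
# and 2 when VERSION is not a dotted numeric version string.
is_affected() {
  v="$1"
  major=$(printf '%s' "$v" | cut -d. -f1)
  minor=$(printf '%s' "$v" | cut -s -d. -f2)   # -s: empty if no "." present
  patch=$(printf '%s' "$v" | cut -s -d. -f3)
  patch="${patch:-0}"                          # "2023.3" counts as 2023.3.0
  for f in "$major" "$minor" "$patch"; do
    case "$f" in
      ''|*[!0-9]*) return 2 ;;                 # missing or non-numeric field
    esac
  done
  [ "$major" -eq 2023 ] && [ "$minor" -eq 3 ] && [ "$patch" -le 5 ]
}

# Usage on a server (assumption: the version is the last whitespace-separated
# field of `tsm version` output; adjust the awk expression if yours differs):
#   ver=$(tsm version | awk '{print $NF}')
#   if is_affected "$ver"; then echo "AFFECTED: $ver"; else echo "not in range: $ver"; fi
```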

📡 Detection & Monitoring

Log Indicators:

  • Unusual authentication bypass patterns
  • Unexpected outbound requests from Tableau Server

Network Indicators:

  • Suspicious requests to internal resources from Tableau Server IP

SIEM Query:

source="tableau_server" AND (event_type="auth_failure" OR url_contains="internal")
