CVE-2025-52450: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Salesforce Tableau Server

Severity: Medium
Tags: Vulnerability, CVE-2025-52450, cve, cwe-22
Published: Fri Aug 22 2025 (08/22/2025, 20:18:19 UTC)
Source: CVE Database V5
Vendor/Project: Salesforce
Product: Tableau Server

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.

AI-Powered Analysis

Last updated: 08/30/2025, 00:51:01 UTC

Technical Analysis

CVE-2025-52450 is a path traversal vulnerability identified in Salesforce Tableau Server, specifically affecting the 'abdoc api' modules responsible for creating data sources from file uploads on Windows and Linux platforms. The vulnerability arises due to improper limitation of pathname inputs, classified under CWE-22, allowing an attacker with limited privileges (PR:L) to perform absolute path traversal attacks. This means an attacker can craft a malicious request to access files outside the intended restricted directories by manipulating file path parameters. The vulnerability affects multiple versions of Tableau Server prior to 2025.1.3, 2024.2.12, and 2023.3.19. The CVSS v3.1 base score is 6.5 (medium severity), with an attack vector of network (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), but no impact on integrity (I:N) or availability (A:N). Exploitation could lead to unauthorized disclosure of sensitive files on the server, potentially exposing configuration files, credentials, or other confidential data. No known exploits are currently reported in the wild, and no patches are linked yet, indicating that organizations must monitor for updates and apply them promptly once available. The vulnerability is significant because Tableau Server is widely used for business intelligence and data visualization, often containing sensitive corporate data. The path traversal flaw could be leveraged by an authenticated attacker to escalate information disclosure risks without requiring user interaction, increasing the threat surface.

Potential Impact

For European organizations, the impact of this vulnerability could be substantial, especially for enterprises relying on Tableau Server for critical data analytics and reporting. Unauthorized access to sensitive files could lead to exposure of personal data, intellectual property, or internal configuration details, potentially violating GDPR and other data protection regulations. This could result in regulatory fines, reputational damage, and loss of customer trust. Additionally, the confidentiality breach could facilitate further attacks, such as lateral movement within the network or privilege escalation. Since the vulnerability requires some level of authentication, insider threats or compromised credentials pose a significant risk. The lack of impact on integrity and availability reduces the risk of data tampering or service disruption, but the confidentiality breach alone is critical for compliance-driven sectors such as finance, healthcare, and government entities prevalent in Europe.

Mitigation Recommendations

European organizations should implement the following specific mitigations:
1) Immediately audit and restrict access controls on Tableau Server to minimize the number of users with privileges capable of exploiting this vulnerability.
2) Monitor and log all file upload and API activities related to the 'abdoc api' modules to detect anomalous path traversal attempts.
3) Apply strict input validation and sanitization on file path parameters, ensuring that only expected directory paths are accepted, and reject absolute or relative path traversal sequences (e.g., '../').
4) Isolate Tableau Server instances in segmented network zones with limited access to sensitive backend file systems.
5) Enforce multi-factor authentication (MFA) to reduce the risk of credential compromise.
6) Stay vigilant for official Salesforce patches or updates addressing this vulnerability and deploy them promptly.
7) Conduct regular vulnerability scans and penetration tests focusing on path traversal and file upload functionalities.
8) Educate administrators and users about the risks of privilege misuse and suspicious activities related to file handling on Tableau Server.
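Recommendation 3 calls for accepting only expected paths and rejecting traversal sequences; the caveat for this CVE is that stripping '../' alone does nothing against the absolute path traversal the description reports, and a server that runs on both Windows and Linux must treat drive letters and UNC prefixes as absolute too. The following is an added example, not Tableau code and not from the advisory; the upload root and the sample inputs are constructed. It confines a user-supplied upload name under a fixed root, rejecting absolute anchors under either OS's rules and relative traversal components.

```python
from pathlib import PurePosixPath, PureWindowsPath

# Constructed upload root; the real Tableau location is not stated on the page.
UPLOAD_ROOT = PurePosixPath("/var/opt/tableau/uploads")


class PathTraversalRejected(ValueError):
    """Raised when a supplied path must not be used to open a file."""


def has_anchor(candidate: str) -> bool:
    """True if the string is anchored under POSIX or Windows rules:
    a leading '/', a drive such as 'C:' or 'C:\\', or a UNC prefix '\\\\host\\share'.
    Checking both rule sets matters because the product ships for both OSes."""
    for path_cls in (PurePosixPath, PureWindowsPath):
        p = path_cls(candidate)
        if p.drive or p.root:
            return True
    return False


def confine_upload_path(candidate: str, root: PurePosixPath = UPLOAD_ROOT) -> PurePosixPath:
    """Return root/<candidate> or raise. Run this on the already URL-decoded value."""
    if not candidate or "\x00" in candidate:
        raise PathTraversalRejected("empty or NUL-containing path")
    if has_anchor(candidate):
        raise PathTraversalRejected("absolute path not allowed")
    # PureWindowsPath splits on both '/' and '\\', so '..\\x' and '../x' look alike.
    parts = PureWindowsPath(candidate).parts
    if any(part in ("..", ".") for part in parts):
        raise PathTraversalRejected("relative traversal component")
    joined = root.joinpath(*parts)
    # Defence in depth: the result must still sit strictly below the root.
    if root not in joined.parents:
        raise PathTraversalRejected("escapes upload root")
    return joined


def classify(candidates):
    """Map each candidate to 'accepted:<path>' or 'rejected:<reason>'."""
    verdicts = {}
    for c in candidates:
        try:
            verdicts[c] = "accepted:" + str(confine_upload_path(c))
        except PathTraversalRejected as exc:
            verdicts[c] = "rejected:" + str(exc)
    return verdicts


if __name__ == "__main__":
    # Constructed inputs covering the legitimate case and each rejection branch.
    samples = ["sales/q3.hyper", "/etc/passwd", "C:\\Windows\\win.ini",
               "\\\\srv\\share\\f.csv", "..\\..\\secret", "sales/../../x"]
    for name, verdict in classify(samples).items():
        print(f"{name!r:28} -> {verdict}")
```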


Technical Details

Data Version: 5.1
Assigner Short Name: Salesforce
Date Reserved: 2025-06-16T20:18:48.946Z
Cvss Version: null
State: PUBLISHED

Threat ID: 68a8d3f1ad5a09ad002249dd

Added to database: 8/22/2025, 8:32:49 PM

Last enriched: 8/30/2025, 12:51:01 AM

Last updated: 10/7/2025, 1:49:59 PM
