CVE-2025-52451: CWE-20 Improper Input Validation in Salesforce Tableau Server
Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
AI Analysis
Technical Summary
CVE-2025-52451 is an Improper Input Validation vulnerability (CWE-20) identified in Salesforce Tableau Server, specifically affecting the tabdoc API's create-data-source-from-file-upload modules on both Windows and Linux platforms. The vulnerability allows an attacker to perform Absolute Path Traversal, a type of attack where the input validation failure permits the attacker to specify arbitrary file paths outside the intended directory scope. This can lead to unauthorized access to sensitive files on the server's filesystem. The affected versions include all Tableau Server releases prior to 2025.1.3, 2024.2.12, and 2023.3.19, indicating that multiple branches of the product are impacted. The vulnerability arises because the application does not properly sanitize or validate file path inputs during the file upload process, allowing crafted requests to traverse directories and potentially read or manipulate files beyond the upload directory. Although no known exploits are currently reported in the wild, the nature of Absolute Path Traversal vulnerabilities makes them attractive targets for attackers seeking to escalate privileges, access configuration files, or extract sensitive data. The lack of a CVSS score suggests that the vulnerability is newly published and pending further assessment. However, the technical details confirm that this is a serious input validation flaw that could compromise confidentiality and integrity of data on affected Tableau Server instances.
Potential Impact
For European organizations, the impact of this vulnerability could be significant, especially for those relying on Tableau Server for business intelligence and data analytics. Unauthorized file access could lead to exposure of sensitive corporate data, including proprietary analytics, customer information, and internal configurations. This could result in data breaches, regulatory non-compliance (e.g., GDPR violations), and reputational damage. Additionally, attackers might leverage this vulnerability to implant malicious files or scripts, potentially leading to further compromise of the server environment or lateral movement within the network. Given Tableau Server's role in aggregating and visualizing critical business data, disruption or data leakage could severely impact decision-making processes and operational continuity. The absence of known exploits currently provides a window for organizations to proactively patch and mitigate the risk before active exploitation occurs.
Mitigation Recommendations
European organizations should prioritize upgrading Tableau Server to the fixed versions 2025.1.3, 2024.2.12, or 2023.3.19 as soon as these patches are available. Until patches are applied, organizations should implement strict input validation and sanitization controls at the application or web server level to restrict file path inputs and prevent directory traversal attempts. Network segmentation and access controls should be enforced to limit exposure of Tableau Server to only trusted users and networks. Monitoring and logging of file upload activities should be enhanced to detect anomalous or suspicious requests indicative of exploitation attempts. Additionally, organizations can deploy Web Application Firewalls (WAFs) with rules targeting path traversal patterns to provide an additional layer of defense. Regular security assessments and penetration testing focused on file upload functionalities can help identify residual risks. Finally, educating administrators and users about the risks of improper file handling and ensuring secure configuration of Tableau Server instances will further reduce the attack surface.
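As an added example (not code from this page, from Salesforce or from Tableau Server), the kind of containment check the mitigation paragraph calls for: a Python upload-path resolver that rejects absolute paths in both POSIX and Windows form, rejects `..` segments, and re-checks that the canonicalised result stays under the upload root. The function names, the temp upload root and the sample file names are assumptions constructed for this example.

```python
import os
import ntpath
import posixpath
import tempfile

class UnsafeUploadPath(ValueError):
    """Client-supplied file name would escape the upload root."""

def is_absolute_any_os(name: str) -> bool:
    # Check POSIX and Windows rules regardless of host OS: a Linux server must
    # still refuse "C:\x" and "\\host\share", a Windows one "/etc/passwd".
    return (posixpath.isabs(name) or ntpath.isabs(name)
            or ntpath.splitdrive(name)[0] != "")   # drive letter or UNC prefix

def resolve_upload_path(upload_root: str, client_name: str) -> str:
    """Map a client-supplied name to a path strictly inside upload_root, or raise."""
    if not client_name or "\x00" in client_name:
        raise UnsafeUploadPath("empty name or embedded NUL")
    if is_absolute_any_os(client_name):
        raise UnsafeUploadPath(f"absolute path rejected: {client_name!r}")
    # Treat '\' as a separator too, so '..\' is not just an odd file name on Linux.
    parts = client_name.replace("\\", "/").split("/")
    if any(p in ("", ".", "..") for p in parts):
        raise UnsafeUploadPath(f"traversal segment rejected: {client_name!r}")
    root = os.path.realpath(upload_root)
    candidate = os.path.realpath(os.path.join(root, *parts))
    # Canonical containment check after symlink resolution. commonpath, not
    # startswith(): "/uploads_x" would pass a prefix test against "/uploads".
    if os.path.commonpath([root, candidate]) != root:
        raise UnsafeUploadPath(f"resolved outside upload root: {candidate!r}")
    return candidate

def check_many(upload_root: str, names) -> dict:
    """Return {name: accepted} for a batch of client names."""
    out = {}
    for n in names:
        try:
            resolve_upload_path(upload_root, n)
            out[n] = True
        except UnsafeUploadPath:
            out[n] = False
    return out

def demo() -> dict:
    # Constructed sample names; the upload root is a throw-away temp dir (assumption).
    root = tempfile.mkdtemp(prefix="uploads-")
    return check_many(root, ["sales_q3.csv", "2025/region.hyper", "../../etc/passwd",
                             "/etc/passwd", "C:\\Windows\\win.ini",
                             "\\\\fileserver\\share\\x.csv", "sub\\..\\..\\x"])
```

The same `check_many` harness can be pointed at file names taken from upload logs to confirm that a deployed filter rejects every absolute and traversal form before relying on it as an interim control.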
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Salesforce
- Date Reserved: 2025-06-16T20:18:48.946Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68a8d3f1ad5a09ad002249e0
Added to database: 8/22/2025, 8:32:49 PM
Last enriched: 8/22/2025, 8:47:48 PM
Last updated: 8/23/2025, 12:35:18 AM
Related Threats
- CVE-2025-43770: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Liferay Portal (Medium)
- CVE-2025-55455: n/a (High)
- CVE-2025-8193 (Unknown)
- CVE-2025-9356: Stack-based Buffer Overflow in Linksys RE6250 (High)
- CVE-2025-9355: Stack-based Buffer Overflow in Linksys RE6250 (High)