
CVE-2025-52453: CWE-918 Server-Side Request Forgery (SSRF) in Salesforce Tableau Server

Severity: High
Tags: Vulnerability, CVE-2025-52453, CWE-918
Published: Fri Jul 25 2025 (07/25/2025, 19:05:50 UTC)
Source: CVE Database V5
Vendor/Project: Salesforce
Product: Tableau Server

Description

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.

AI-Powered Analysis

Last updated: 07/25/2025, 19:33:36 UTC

Technical Analysis

CVE-2025-52453 is a Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server, specifically in the Flow Data Source modules on Windows and Linux. An SSRF flaw lets an attacker cause the server to issue requests it was never meant to make, to internal or external resources, bypassing the network access controls that apply to traffic from outside. Here the flaw permits Resource Location Spoofing: the attacker can steer Tableau Server into fetching a resource from a location of their choosing. The consequences of such a flaw are unauthorized internal network scanning, data exfiltration, and interaction with internal services that are otherwise unreachable from outside. All releases before 2025.1.3, 2024.2.12, and 2023.3.19 are affected, so multiple Tableau Server branches are impacted. No public exploits are currently known, and no CVSS score has been assigned yet. The vulnerability is nonetheless significant because Tableau Server is commonly deployed in enterprise environments with access to sensitive business intelligence data and to internal networks; exploitation could let an attacker pivot within an organization's infrastructure or reach sensitive data indirectly through the server. The issue is classified as CWE-918, the weakness class covering SSRF that leads to unauthorized resource access or network reconnaissance. Because Tableau Server is a critical analytics platform, the flaw could be used to compromise the confidentiality and integrity of data, and availability as well if it is used to trigger denial-of-service conditions.

Potential Impact

For European organizations, the impact of this SSRF vulnerability in Salesforce Tableau Server could be substantial. Many enterprises, including financial institutions, healthcare providers, and government agencies across Europe, rely on Tableau Server for data visualization and decision-making. An SSRF exploit could enable attackers to bypass perimeter defenses and access internal services, potentially exposing sensitive personal data protected under GDPR. This could lead to data breaches, regulatory penalties, and reputational damage. Additionally, attackers might use the vulnerability to perform lateral movement within corporate networks, increasing the risk of further compromise or ransomware deployment. The disruption of Tableau Server services could also impact business continuity and operational efficiency. Given the widespread adoption of Tableau Server in Europe and the critical nature of the data it processes, the vulnerability poses a high risk to confidentiality, integrity, and availability of organizational data and services.

Mitigation Recommendations

To mitigate this SSRF vulnerability effectively, European organizations should:

1. Immediately apply the patches from Salesforce by upgrading to the fixed release for the branch in use: Tableau Server 2025.1.3, 2024.2.12, or 2023.3.19.
2. Implement strict network segmentation and egress firewall rules so that Tableau Server can make outbound requests only to trusted and necessary endpoints, minimizing the attack surface for SSRF exploitation.
3. Employ a web application firewall (WAF) with SSRF detection capabilities to monitor and block suspicious request patterns targeting Tableau Server.
4. Conduct security reviews and penetration testing focused on SSRF vectors within Tableau Server deployments.
5. Monitor server logs for unusual outbound request activity that could indicate exploitation attempts.
6. Limit Tableau Server's permissions and network access to the minimum required for operation, reducing the potential impact if it is exploited.
7. Educate IT and security teams about SSRF risks and ensure incident response plans include scenarios involving SSRF attacks on analytics platforms.

These targeted measures go beyond generic advice by focusing on controlling outbound requests, patch management, and active monitoring specific to Tableau Server's architecture.
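Recommendations 2, 5 and 6 all come down to one control: a server-side component that fetches data on a user's behalf must decide, before it connects, whether the destination is one it is allowed to reach. The Python below is an added illustration of that control and is not Tableau code or anything taken from this advisory. It applies a scheme allowlist, a host allowlist, and a check on the resolved addresses that refuses loopback, private, link-local and other non-routable ranges, so that a host which is on the allowlist but resolves (or is rebound) to an internal address is still denied. The function names (check_destination, demo_resolve), the DEMO_DNS table and the DEMO_ALLOWED set are assumptions constructed for the example; the resolver is injectable so the block runs offline.

```python
"""Outbound-request guard for a server-side fetcher (added example, not vendor code)."""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Ranges an analytics server should never be steered into fetching from:
# loopback, RFC 1918, carrier-grade NAT, link-local (where cloud instance
# metadata services live) and their IPv6 counterparts.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10",
)]


def default_resolve(host):
    """Resolve a host name to the set of addresses it maps to (all families)."""
    infos = socket.getaddrinfo(host, None)
    return {ipaddress.ip_address(info[4][0]) for info in infos}


def is_blocked_ip(addr):
    """True if a resolved address falls in a range outbound fetches must not reach."""
    if addr.is_unspecified or addr.is_loopback or addr.is_link_local or addr.is_multicast:
        return True
    # Unwrap IPv4-mapped IPv6 so ::ffff:127.0.0.1 is judged as 127.0.0.1.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def check_destination(url, allowed_hosts, resolve=default_resolve):
    """Return (ok, reason); ok is True only when every layer of the policy passes."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not permitted"
    host = parts.hostname  # already lower-cased and stripped of [] for IPv6 literals
    if not host:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL not permitted"
    if host not in {h.lower() for h in allowed_hosts}:
        return False, f"host {host!r} not on allowlist"
    try:
        addrs = resolve(host)
    except (socket.gaierror, ValueError) as exc:
        return False, f"resolution failed: {exc}"
    for addr in addrs:
        if is_blocked_ip(addr):
            return False, f"{host} resolves to blocked address {addr}"
    return True, "ok"


# Constructed DNS table for offline demonstration; these are documentation
# addresses, not the real records of any host.
DEMO_DNS = {
    "data.example.com": {"203.0.113.10"},
    "rebind.example.com": {"203.0.113.11", "10.0.0.5"},  # one record points inside
    "metadata.example.com": {"169.254.169.254"},
}


def demo_resolve(host):
    """Offline stand-in for default_resolve; fails like getaddrinfo on unknown names."""
    if host not in DEMO_DNS:
        raise socket.gaierror(f"name not known: {host}")
    return {ipaddress.ip_address(a) for a in DEMO_DNS[host]}


DEMO_ALLOWED = {"data.example.com", "rebind.example.com", "metadata.example.com"}

if __name__ == "__main__":
    for url in (
        "https://data.example.com/feed.csv",
        "https://rebind.example.com/feed.csv",
        "http://metadata.example.com/status",
        "http://10.0.0.5/feed.csv",
        "file:///etc/hosts",
        "https://other.example.com/feed.csv",
    ):
        ok, why = check_destination(url, DEMO_ALLOWED, resolve=demo_resolve)
        print("ALLOW" if ok else "DENY ", url, "-", why)
```

Two points of design matter in practice. The resolved-address check is only meaningful if the fetcher then connects to the address it vetted rather than resolving the name a second time, otherwise a DNS answer that changes between check and connect defeats it; and the whole check must be re-run on every redirect hop, since a permitted host can redirect to one that is not. Every denial is worth logging with the URL and the reason, which gives the monitoring in recommendation 5 a concrete signal to alert on.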


Technical Details

Data Version: 5.1
Assigner Short Name: Salesforce
Date Reserved: 2025-06-16T20:18:48.946Z
CVSS Version: null
State: PUBLISHED

Threat ID: 6883d858ad5a09ad00565a87

Added to database: 7/25/2025, 7:17:44 PM

Last enriched: 7/25/2025, 7:33:36 PM

Last updated: 8/18/2025, 1:22:23 AM
