CVE-2020-6939 - OpenCVE

Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions affected on both Windows and Linux are: 2018.2 through 2018.2.27, 2018.3 through 2018.3.24, 2019.1 through 2019.1.22, 2019.2 through 2019.2.18, 2019.3 through 2019.3.14, 2019.4 through 2019.4.13, 2020.1 through 2020.1.10, 2020.2 through 2020.2.7, and 2020.3 through 2020.3.2.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Tableau	Tableau Server

Configuration 1 [-]

OR	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::
	cpe:2.3:a:tableau:tableau_server::::::::

References

Link	Resource
https://help.salesforce.com/articleView?id=000355686&type=1&mode=1	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Salesforce

Published: 2020-11-23T16:16:25

Updated: 2020-11-23T16:16:25

Reserved: 2020-01-13T00:00:00

Link: CVE-2020-6939

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-11-23T17:15:12.720

Modified: 2020-12-08T17:36:09.407

Link: CVE-2020-6939

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Tableau Server", "vendor": "n/a", "versions": [{"status": "affected", "version": "versions affected on both Windows and Linux are: 2018.2 through 2018.2.27"}, {"status": "affected", "version": "2018.3 through 2018.3.24"}, {"status": "affected", "version": "2019.1 through 2019.1.22"}, {"status": "affected", "version": "2019.2 through 2019.2.18"}, {"status": "affected", "version": "2019.3 through 2019.3.14"}, {"status": "affected", "version": "2019.4 through 2019.4.13"}, {"status": "affected", "version": "2020.1 through 2020.1.10"}, {"status": "affected", "version": "2020.2 through 2020.2.7"}, {"status": "affected", "version": "2020.3 through 2020.3.2"}]}], "descriptions": [{"lang": "en", "value": "Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions affected on both Windows and Linux are: 2018.2 through 2018.2.27, 2018.3 through 2018.3.24, 2019.1 through 2019.1.22, 2019.2 through 2019.2.18, 2019.3 through 2019.3.14, 2019.4 through 2019.4.13, 2020.1 through 2020.1.10, 2020.2 through 2020.2.7, and 2020.3 through 2020.3.2."}], "problemTypes": [{"descriptions": [{"description": "Incorrect Access Control", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-23T16:16:25", "orgId": "c9b25dee-ae6d-4083-ba23-638c500cc364", "shortName": "Salesforce"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://help.salesforce.com/articleView?id=000355686&type=1&mode=1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@salesforce.com", "ID": "CVE-2020-6939", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Tableau Server", "version": {"version_data": [{"version_value": "versions affected on both Windows and Linux are: 2018.2 through 2018.2.27"}, {"version_value": "2018.3 through 2018.3.24"}, {"version_value": "2019.1 through 2019.1.22"}, {"version_value": "2019.2 through 2019.2.18"}, {"version_value": "2019.3 through 2019.3.14"}, {"version_value": "2019.4 through 2019.4.13"}, {"version_value": "2020.1 through 2020.1.10"}, {"version_value": "2020.2 through 2020.2.7"}, {"version_value": "2020.3 through 2020.3.2"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions affected on both Windows and Linux are: 2018.2 through 2018.2.27, 2018.3 through 2018.3.24, 2019.1 through 2019.1.22, 2019.2 through 2019.2.18, 2019.3 through 2019.3.14, 2019.4 through 2019.4.13, 2020.1 through 2020.1.10, 2020.2 through 2020.2.7, and 2020.3 through 2020.3.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Incorrect Access Control"}]}]}, "references": {"reference_data": [{"name": "https://help.salesforce.com/articleView?id=000355686&type=1&mode=1", "refsource": "CONFIRM", "url": "https://help.salesforce.com/articleView?id=000355686&type=1&mode=1"}]}}}}, "cveMetadata": {"assignerOrgId": "c9b25dee-ae6d-4083-ba23-638c500cc364", "assignerShortName": "Salesforce", "cveId": "CVE-2020-6939", "datePublished": "2020-11-23T16:16:25", "dateReserved": "2020-01-13T00:00:00", "dateUpdated": "2020-11-23T16:16:25", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "18E26A40-022A-4887-85CE-E0BFF83F7299", "versionEndIncluding": "2018.2.27", "versionStartIncluding": "2018.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B72068B-B413-4053-B1BC-0CD154D10D8D", "versionEndIncluding": "2018.3.24", "versionStartIncluding": "2018.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "52F0B5EB-D5F4-4423-8754-E9BCC3699305", "versionEndIncluding": "2019.1.22", "versionStartIncluding": "2019.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "56EB08BB-13A4-49C9-8928-DFD0DFA8D4AE", "versionEndIncluding": "2019.2.18", "versionStartIncluding": "2019.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "4401C018-6851-4211-83B1-E5595A746116", "versionEndIncluding": "2019.3.14", "versionStartIncluding": "2019.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFC0F0E8-FEB5-45AB-9D12-5592549E9408", "versionEndIncluding": "2019.4.13", "versionStartIncluding": "2019.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "06E3D4C4-6466-420B-AF73-4C2964D3F0A7", "versionEndIncluding": "2020.1.10", "versionStartIncluding": "2020.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCE3600B-1D06-4A80-919D-32E2DA3ABFC0", "versionEndIncluding": "2020.2.7", "versionStartIncluding": "2020.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tableau:tableau_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "C60C48CC-A038-4AA3-95EE-045AB2F6D047", "versionEndIncluding": "2020.3.2", "versionStartIncluding": "2020.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions affected on both Windows and Linux are: 2018.2 through 2018.2.27, 2018.3 through 2018.3.24, 2019.1 through 2019.1.22, 2019.2 through 2019.2.18, 2019.3 through 2019.3.14, 2019.4 through 2019.4.13, 2020.1 through 2020.1.10, 2020.2 through 2020.2.7, and 2020.3 through 2020.3.2."}, {"lang": "es", "value": "Instalaciones de Tableau Server configuradas con Site-Specific SAML que permite a usuarios no autenticados utilizar las API. Si se explota, esto podr\u00eda permitir a un usuario malicioso establecer la configuraci\u00f3n SAML espec\u00edfica del sitio y podr\u00eda conllevar a la toma de control de la cuenta para los usuarios de ese sitio. Tableau Server versiones afectadas tanto en Windows como en Linux son: 2018.2 hasta 2018.2.27, 2018.3 hasta 2018.3.24, 2019.1 hasta 2019.1.22, 2019.2 hasta 2019.2.18, 2019.3 hasta 2019.3.14, 2019.4 hasta 2019.4.13, 2020.1 hasta 2020.1.10, 2020.2 hasta 2020.2.7 y 2020.3 hasta 2020.3.2"}], "id": "CVE-2020-6939", "lastModified": "2020-12-08T17:36:09.407", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-23T17:15:12.720", "references": [{"source": "security@salesforce.com", "tags": ["Third Party Advisory"], "url": "https://help.salesforce.com/articleView?id=000355686&type=1&mode=1"}], "sourceIdentifier": "security@salesforce.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}