![]() At this time, we recommend updating to the December 15, 2021, maintenance release which addresses CVE-2021-44228.We will let you know as soon as it becomes available. Tableau continues to actively work on a maintenance release that will update Log4j to version 2.16.We will keep you updated as the incident dictates. We recognize that this is a fluid situation, as we continue to monitor with the highest levels of urgency. Our initial analysis indicates Tableau products are not affected by the new details Apache disclosed within CVE-2021-45046. We are aware of recent updates Apache made to CVE-2021-45046 and are investigating Apache’s findings.If Tableau becomes aware of unauthorized access to customer data, we will notify impacted customers without undue delay. Updates will be posted to as additional information becomes available.For those who have not updated their products to the December 15, 2021, product release, we have made new updates to our Knowledge Base article with steps that can be taken to mitigate both CVE-2021-44228 and CVE-2021-45046.Based on currently available information, we have determined that Tableau products are not affected by CVE-2021-45105. We are aware of today’s public disclosure of CVE-2021-45105.If you have a technical question, please reach out to our support team who will be happy to help by creating a case.To stay up-to-date about this incident, please follow the Salesforce Trust post.This article contains steps that can be taken to mitigate both CVE-2021-44228 and CVE-2021-45046. For those who have not updated their products or have updated to the December 15, 2021, product release, please see the Apache Log4j2 vulnerability (Log4shell) Knowledge Base article.IMPORTANT NOTE: The steps provided in this article should not be used if you have updated to the Decemrelease.įor a running history of our status updates, refer to the What’s been happing section below. If your latest update is the Decemrelease or prior, please take the steps to mitigate both CVE-2021-44228 and CVE-2021-45046 vulnerabilities found in our Apache Log4j2 vulnerability (Log4shell) knowledge base article. Status for Tableau Online may be found on the Salesforce trust post. What’s happening nowĪs of December 19, 2021, we have released a product update for all currently impacted versions of Tableau products to address the CVE-2021-44228 and CVE-2021-45046 vulnerabilities. ![]() In order to address the current security vulnerabilities in CVE-2021-44228 and CVE-2021-45046, please update to the newest version of on-premise products. The following is our latest status update: We want to thank our customers for your patience and trust-our team is working around the clock to address the vulnerability because your security is our top priority.Īs we continue to share technical resources, we want to ensure that everyone is informed of actions they can take to enhance their security postures. Tableau has been investigating the security issue associated with the Java-based logging utility, Apache Log4j2. Reference Materials Toggle sub-navigationĮditor’s note: updated as of Decemat 8:00pm PT.Teams and Organizations Toggle sub-navigation.Plans and Pricing Toggle sub-navigation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |