U-M secures data dashboards amid ‘severe’ worldwide software vulnerability


Due to a worldwide software security vulnerability, all University of Michigan Tableau dashboards are temporarily only available to users on the university’s network or using the university virtual private network. 

The issue caused by a flaw recently found in a Java logging tool widely used in applications and software – including Tableau – is affecting all COVID-19 dashboards, as well as all other U-M dashboards that leverage Tableau.

To provide important COVID-19 data updates to the community, the dashboard team is working on a solution to this limitation. An update will be shared when available.

“Limiting access to the dashboards to those using the U-M network or firewall helps protect the university’s systems and data,” said Sol Bermann, chief information security officer and executive director of ITS Information Assurance.

“We know that Tableau is working hard on a software patch, and once that is available, we will move to rapidly apply it and open the dashboards to the public again.”

A Dec. 13 alert on Tableau’s online support page states the company is actively monitoring this issue and working to patch any Tableau services.

The university is now exploring different options for sharing data updates with the public while the dashboards are not available.

“A number of teams in ITS and across the university are working to address the issue, and the ITS Information Assurance team continues to investigate the situation,” Bermann said.

Important updates related to this vulnerability will be published on the Safe Computing webpage.


Leave a comment

Commenting is closed for this article. Please read our comment guidelines for more information.