2021 Security Advisories
2020 Security Advisories
ADV-2020-061
Tableau Server Non-Default Installation Weak Folder Permissions
SolarWinds Software Compromise
Federal government and Fortune 500 companies compromised by supply chain attack
ADV-2020-050
REST API Returns a Site Configuration Value to Unauthenticated Users
CVE-2020-6938
Sensitive information disclosure vulnerability in Tableau Server
COVID-19 Business Continuity Statement
Salesforce has not experienced any significant business impacts
2019 Security Advisories
Manage Security Contacts for Your Organization
If your organization is impacted by an information security incident, your organization’s Security Contact(s) will be notified.
Enhancements to Security of Community and Portal Users
Potential impact to default sharing settings
2018 Security Advisories
Salesforce Security Vulnerability
Security vulnerability impact on Salesforce Sites and Communities
2017 Security Advisories
MS17-010 Vulnerability (AKA EternalBlue)
Malware leveraging MS17-010 (AKA EternalBlue) Vulnerability
Google Docs Phishing Campaign
Google Docs invitation containing a phishing link.
Cloudflare Vulnerability
Cloudflare, an embedded content delivery network and internet security services provider, disclosed a security vulnerability in their edge servers, which could expose information such as HTTP cookies, authentication tokens, and HTTP POST bodies.
Report a Security Concern
As a leading software-as-a-service and platform-as-a-service provider, Salesforce is committed to setting the standard in safeguarding our environment and customers’ data. Partner with us by reporting any security concerns.