TAN-2025-002
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance.
Severity: High
Base Score: 7.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact
This vulnerability could allow an authenticated TanOS user with the tanuser role to execute unauthorized code in the context of the Tanium Appliance.
Products Affected
Tanium Appliance prior to version 1.8.4.
Available Updates
Tanium Appliance version 1.8.4 and later.
Workaround and Mitigations
None.
Acknowledgements
None.