Skip to content

TAN-2025-013

Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.

Severity: Medium

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact

This vulnerability could allow an authenticated Tanium user with the "Interact - Ask Dynamic Questions" permission to perform a denial of service attack against the Tanium Server.

Products Affected

7.4 and 7.5 Release:

  • Tanium Server 7.4.6 prior to version 7.4.6.1154.

  • Tanium Server 7.5.6 prior to version 7.5.6.1164.

2024H1 Release:

  • Tanium Server prior to Update 14 (v7.6.2.1303).

2024H2 Release:

  • Tanium Server prior to Update 3 (v7.6.4.2124).

Available Updates

7.4 and 7.5 Release:

  • Tanium Server version 7.4.6.1154 and later.

  • Tanium Server version 7.5.6.1164 and later.

2024H1 Release:

  • Update 14 (Tanium Server v7.6.2.1303) and later.

2024H2 Release:

  • Update 3 (Tanium Server v7.6.4.2124) and later.

Workaround and Mitigations

None.

Acknowledgements

None.