Skip to content

TAN-2025-015

Tanium addressed an uncontrolled resource consumption vulnerability in Connect.

Severity: Medium

Base Score: 4.3

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Impact

This vulnerability could allow an authenticated Tanium user with the Connect Write permission to consume an unrestricted amount of disk space on the TMS.

Products Affected

7.4 and 7.5 Release:

  • Connect prior to v5.22.100.

2024H1 Release:

  • Connect prior to Update 16 (v5.22.100).

2024H2 Release:

  • Connect prior to Update 5 (v5.26.87).

Available Updates

7.4 and 7.5 Release:

  • Connect v5.22.100 and later.

2024H1 Release:

  • Update 16 (Connect v5.22.100) and later.

2024H2 Release:

  • Update 5 (Connect v5.26.87) and later.

Workaround and Mitigations

None.

Acknowledgements

None.