TAN-2025-019

Tanium addressed an information disclosure vulnerability in Threat Response.

Severity: Medium

Base Score: 4.9

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Impact

This vulnerability could allow an authenticated Tanium user with the "Threat Response Configs - Read" permission to gain read-only access to data they should not have access to.

Products Affected

Threat Response prior to version 4.9.297.

Threat Response prior to version 4.6.518.

Threat Response prior to version 4.5.250.

Available Updates

Threat Response version 4.9.297 and later.

Threat Response version 4.6.518 and later.

Threat Response version 4.5.250 and later.

Workaround and Mitigations

None.

Acknowledgements

None.