Skip to content

TAN-2025-033

Tanium addressed an improper access controls vulnerability in Interact.

Severity: Low

Base Score: 3.1

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact

This vulnerability could allow an authenticated Tanium user with no permissions to gain read-only access to data they should not have access to.

Products Affected

2024H1 Release:

  • Interact prior to Update 24 (v3.1.337).

2024H2 Release:

  • Interact prior to Update 13 (v3.2.185).

2025H1 Release:

  • Interact prior to Update 7 (v3.5.90).

Available Updates

2024H1 Release:

  • Update 24 (Interact v3.1.337) and later.

2024H2 Release:

  • Update 13 (Interact v3.2.185) and later.

2025H1 Release:

  • Update 7 (Interact v3.5.90) and later.

Workaround and Mitigations

None.

Acknowledgements

None.