Skip to content

TAN-2025-034

Tanium addressed an improper access controls vulnerability in Interact.

Severity: Low

Base Score: 3.1

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact

This vulnerability could allow an authenticated Tanium user with the internal "Data Collection Sensor - Write" permission to gain read-only access to data they should not have access to.

Products Affected

2025H1 Release:

  • Interact prior to Update 7 (v3.5.90).

Available Updates

2025H1 Release:

  • Update 7 (Interact v3.5.90) and later.

Workaround and Mitigations

None.

Acknowledgements

None.