TAN-2026-007
Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.
Severity: Medium
Base Score: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Impact
This vulnerability could allow an attacker with access to Trends module logs to gain read access to sensitive data including sessions and API tokens.
Products Affected
2024H2 Release:
- Trends prior to Update 20 (v3.10.0 to v3.10.20)
2025H1 Release:
- Trends prior to Update 13 (v3.11.0 to v3.11.79)
2025H2 Release:
- Trends prior to Update 3 (v3.11.0 to v3.11.79)
Available Updates
2024H2 Release:
- Update 20 (Trends v3.10.20) and later
2025H1 Release:
- Update 13 (Trends v3.11.79) and later
2025H2 Release:
- Update 3 (Trends v3.11.79) and later
Tanium On-prem users may take the following actions, in addition to upgrading Trends, if they believe their Trends logs could have been accessed by an unauthorized party:
- Rotate the credentials for the Trends service account.
- Stop the Tanium Server service for 10 minutes, or the duration of the session timeout, to ensure that all existing sessions are invalidated. Customers with an active-active deployment should stop the Tanium Server service on both servers concurrently.
- Review Trends logs for the "token-" pattern and rotate any API token that was erroneously logged.
Tanium Cloud users should rotate all API tokens.
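The log review step above, as an added example (not Tanium's code): a scan that finds "token-" values in log lines and reports each distinct token by a short hash, so the review output does not become a second copy of the secrets. The token regex, the function names and the sample lines are assumptions made for this example; log file paths are supplied by the operator.

```python
import hashlib
import re
import sys

# Assumption: a logged API token is "token-" followed by 16 or more letters/digits.
# The advisory only names the "token-" prefix; adjust to your deployment's format.
TOKEN_RE = re.compile(r"token-[0-9A-Za-z]{16,}")


def fingerprint(token):
    """Short SHA-256 tag so a token can be tracked without re-printing it."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()[:12]


def scan_lines(lines):
    """Map each distinct token's fingerprint to its count and first/last line."""
    found = {}
    for lineno, line in enumerate(lines, start=1):
        for match in TOKEN_RE.finditer(line):
            entry = found.setdefault(
                fingerprint(match.group(0)),
                {"count": 0, "first_line": lineno, "last_line": lineno})
            entry["count"] += 1
            entry["last_line"] = lineno
    return found


def redact(line):
    """Replace each token in a line with its fingerprint, for safe sharing."""
    return TOKEN_RE.sub(
        lambda m: "token-<redacted:%s>" % fingerprint(m.group(0)), line)


# Constructed sample lines (not real Trends log output).
SAMPLE = [
    "2026-01-10T08:00:02Z DEBUG auth header=token-0123456789abcdef0123456789abcdef",
    "2026-01-10T08:05:00Z WARN token-based auth retry",
    "2026-01-10T08:07:13Z DEBUG auth header=token-0123456789abcdef0123456789abcdef",
    "2026-01-10T09:00:00Z DEBUG auth header=token-fedcba9876543210fedcba9876543210",
]

if __name__ == "__main__":
    # Pass log file paths as arguments; with none, SAMPLE is scanned.
    for path in sys.argv[1:] or [None]:
        lines = SAMPLE if path is None else open(path, errors="replace").readlines()
        for fp, hit in scan_lines(lines).items():
            print("%s token#%s count=%d lines=%d-%d" % (
                path or "sample", fp, hit["count"], hit["first_line"], hit["last_line"]))
```

Each distinct fingerprint in the output corresponds to one API token to rotate; the line range shows how long that token was being written to the log.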
Workaround and Mitigations
None.
Acknowledgements
None.