Skip to content

TAN-2026-010

Tanium addressed an uncontrolled resource consumption vulnerability in Interact.

Severity: Low

Base Score: 2.7

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Impact

This vulnerability could allow an authenticated Tanium user with the "Write Filter Group" permission to perform a denial of service attack against the Interact workbench.

Products Affected

2024H2 Release:

  • Interact prior to Update 23 (v3.2.202)

2025H1 Release:

  • Interact prior to Update 17 (v3.5.108)

2025H2 Release:

  • Interact prior to Update 7 (v3.8.47)

Available Updates

2024H2 Release:

  • Update 23 (Interact v3.2.202) and later

2025H1 Release:

  • Update 17 (Interact v3.5.108) and later

2025H2 Release:

  • Update 7 (Interact v3.8.47) and later

Workaround and Mitigations

None.

Acknowledgements

Tanium would like to thank Eric Bester for responsibly reporting this issue.