TAN-2026-011

Tanium addressed an information disclosure vulnerability in Threat Response.

Severity: Low

Base Score: 2.7

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Impact

This vulnerability could allow an authenticated Tanium user with the "Threat Response Configs - Read" permission to gain read-only access to data they should not have access to.

Products Affected

2024H2 Release:

Threat Response prior to Update 23 (v4.6.577)

2025H1 Release:

Threat Response prior to Update 17 (v4.9.379)

Available Updates

2024H2 Release:

Update 23 (Threat Response v4.6.577) and later

2025H1 Release:

Update 17 (Threat Response v4.9.379) and later

2025H2 Release:

Update 7 (Threat Response v4.12.251) and later

Workaround and Mitigations

None.

Acknowledgements

None.