Tanium Appliance Improper Certificate Validation Vulnerability Allowing Log Data Interception

An improper certificate validation vulnerability has been addressed in Tanium Appliance. This vulnerability could enable an unauthenticated, network-based attacker to view or modify log data when a remote syslog destination is configured to use TLS. The issue is present in Tanium Appliance versions prior to Update 24 (v1.8.3.0199) in the 2024H1 release, prior to Update 12 (v1.8.4.0205) in the 2024H2 release, and prior to Update 6 (v1.8.5.0236) in the 2025H1 release.

Impact

Exploitation of this vulnerability could allow for unauthorized viewing or modification of log data sent to a remote syslog destination over TLS.

Remediation

Users can update to Tanium Appliance version 1.8.3.0199 or later for the 2024H1 release, version 1.8.4.0205 or later for the 2024H2 release, and version 1.8.5.0236 or later for the 2025H1 release.