An incorrect default permissions vulnerability has been identified in Tanium Performance, prior to Update 6 (v1.22.288). This vulnerability allows an authenticated Tanium user with specific service account permissions to read and write all platform content. The issue arises from improper default permission settings that could be exploited by users with certain roles.
Exploitation of this vulnerability could enable an authenticated user with the appropriate service account permissions to access and modify all platform content, potentially leading to unauthorized data manipulation or exposure.
Users can update to Tanium Performance version 1.22.288 or later to address this vulnerability.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
