Tanium Trends Log File Vulnerability Allowing Sensitive Data Exposure

A vulnerability has been identified in the Tanium Trends module that allows for the unintentional insertion of sensitive information into log files. This issue affects Tanium Trends versions 3.10.0 prior to 3.10.20, 3.11.0 prior to 3.11.79, and could enable an attacker with access to these logs to read sensitive data such as session information and API tokens.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive data in Trends module logs, including session details and API tokens.

Remediation

Users can upgrade to Tanium Trends version 3.10.20 or later, or version 3.11.79 or later, depending on their current release. Tanium On-prem users who suspect unauthorized access to their Trends logs should rotate the credentials for the Trends service account, stop the Tanium Server service to invalidate existing sessions, and review Trends logs for any improperly logged API tokens. Tanium Cloud users should rotate all API tokens.