Tanium Interact
cpe:2.3:a:tanium:tanium:*:*:*:*:*:*:*
- >= 3.2.0, < 3.2.196
- >= 3.5.0, < 3.5.102
- >= 4.1.0, < 4.1.257
A vulnerability allowing the insertion of sensitive information into log files has been identified in Tanium Interact and Tanium Data Service (TDS). This issue affects specific versions of Tanium Interact and TDS, where sensitive data such as session information and API tokens could be exposed in the logs.
An attacker with access to the TDS logs could read sensitive information, including session data and API tokens.
Users of Tanium Interact should upgrade to version 3.2.196 or later if on the 2024H2 release, or version 3.5.102 or later if on the 2025H1 release. Tanium TDS users should upgrade to version 4.1.257 or later. Tanium On-prem users who suspect unauthorized access to their TDS logs should rotate the credentials for the TDS service account, stop the Tanium Server service to invalidate existing sessions, and review TDS logs for any API tokens that were improperly logged. Tanium Cloud users should rotate all API tokens.