Tanium TanOS Log File Vulnerability Exposing Temporary Passwords
Vulnerability
A vulnerability in TanOS prior to certain updates allows for the unintentional logging of sensitive information, specifically temporary passwords, into syslog files. This issue affects TanOS versions 1.8.4 prior to 1.8.4.0249, 1.8.5 prior to 1.8.5.0282, and 1.8.6 prior to 1.8.6.0150. The vulnerability could be exploited by an attacker with access to the TanOS syslog output, enabling them to retrieve the temporary password of a user whose password had been reset. This temporary password is valid only between the reset and the user's first successful login.
Impact
Exploitation of this vulnerability could lead to unauthorized access to a TanOS user's account by allowing an attacker to use the retrieved temporary password for login, but only within a specific time frame.
Remediation
Users can update to TanOS v1.8.4.0249, v1.8.5.0282, or v1.8.6.01503 to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.