Primary

Context

Tanium Threat Response Information Disclosure Vulnerability

Vulnerability

An information disclosure vulnerability has been identified in Tanium Threat Response. This vulnerability affects the 2024H2 release prior to Update 23 (v4.6.577), the 2025H1 release prior to Update 17 (v4.9.379), and the 2025H2 release prior to Update 7 (v4.12.251). The issue could allow an authenticated Tanium user with the 'Threat Response Configs - Read' permission to access data read-only that they should not be able to.

Impact

Exploitation of this vulnerability could lead to unauthorized read-only access to sensitive data for authenticated users with specific permissions.

Remediation

Users can update to Threat Response v4.6.577 or later in the 2024H2 release, v4.9.379 or later in the 2025H1 release, or v4.12.251 or later in the 2025H2 release.

Added: Apr 22, 2026, 3:30 AM

Updated: Apr 22, 2026, 3:30 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

6.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

6.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tanium Threat Response Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating