Search
Find a vulnerability
Search criteria
8 vulnerabilities found for interact by tanium
CVE-2026-6416 (GCVE-0-2026-6416)
Vulnerability from nvd – Published: 2026-04-22 01:46 – Updated: 2026-04-22 12:57
VLAI
Title
Tanium addressed an uncontrolled resource consumption vulnerability in Interact.
Summary
Tanium addressed an uncontrolled resource consumption vulnerability in Interact.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Interact |
Affected:
3.2.0 , < 3.2.202
(custom)
Affected: 3.5.0 , < 3.5.108 (custom) Affected: 3.8.0 , < 3.8.47 (custom) cpe:2.3:a:tanium:service_interact:3.2.196:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.102:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.8.46:*:*:*:*:*:*:* |
Date Public
2026-04-22 01:46
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6416",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T12:57:48.199961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T12:57:59.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.2.196:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.102:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.8.46:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.2.202",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.108",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
},
{
"lessThan": "3.8.47",
"status": "affected",
"version": "3.8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric Bester"
}
],
"dateAssigned": "2026-04-15T23:55:39.195Z",
"datePublic": "2026-04-22T01:46:08.322Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an uncontrolled resource consumption vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T01:46:19.376Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-010",
"url": "https://security.tanium.com/TAN-2026-010"
}
],
"title": "Tanium addressed an uncontrolled resource consumption vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-6416",
"datePublished": "2026-04-22T01:46:19.376Z",
"dateReserved": "2026-04-15T23:55:39.808Z",
"dateUpdated": "2026-04-22T12:57:59.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2350 (GCVE-0-2026-2350)
Vulnerability from nvd – Published: 2026-02-19 23:10 – Updated: 2026-03-02 15:50
VLAI
Title
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Summary
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Interact |
Affected:
3.2.0 , < 3.2.196
(custom)
Affected: 3.5.0 , < 3.5.102 (custom) cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:* |
|
| Tanium | TDS |
Affected:
4.1.0 , < 4.1.257
(custom)
cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:* |
Date Public
2026-02-19 23:10
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T15:41:02.790036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T15:50:27.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.2.196",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.102",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:*"
],
"product": "TDS",
"vendor": "Tanium",
"versions": [
{
"lessThan": "4.1.257",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-02-11T16:04:36.295Z",
"datePublic": "2026-02-19T23:10:05.500Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T23:14:23.480Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-008",
"url": "https://security.tanium.com/TAN-2026-008"
}
],
"title": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-2350",
"datePublished": "2026-02-19T23:10:33.951Z",
"dateReserved": "2026-02-11T16:04:36.872Z",
"dateUpdated": "2026-03-02T15:50:27.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15289 (GCVE-0-2025-15289)
Vulnerability from nvd – Published: 2026-02-05 18:10 – Updated: 2026-02-06 19:22
VLAI
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Interact |
Affected:
3.1.0 , < 3.1.337
(custom)
Affected: 3.2.0 , < 3.2.185 (custom) Affected: 3.5.0 , < 3.5.90 (custom) cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:* |
Date Public
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:22:50.331215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:22:58.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.1.337",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.185",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:29.166Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T18:10:28.261Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-033",
"url": "https://security.tanium.com/TAN-2025-033"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15289",
"datePublished": "2026-02-05T18:10:28.261Z",
"dateReserved": "2025-12-29T23:02:29.360Z",
"dateUpdated": "2026-02-06T19:22:58.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15288 (GCVE-0-2025-15288)
Vulnerability from nvd – Published: 2026-01-29 20:10 – Updated: 2026-02-05 15:57
VLAI
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
Date Public
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:31:10.582156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:31:17.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:11.893Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T15:57:07.320Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-034",
"url": "https://security.tanium.com/TAN-2025-034"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15288",
"datePublished": "2026-01-29T20:10:48.480Z",
"dateReserved": "2025-12-29T23:02:12.448Z",
"dateUpdated": "2026-02-05T15:57:07.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-6416 (GCVE-0-2026-6416)
Vulnerability from cvelistv5 – Published: 2026-04-22 01:46 – Updated: 2026-04-22 12:57
VLAI
Title
Tanium addressed an uncontrolled resource consumption vulnerability in Interact.
Summary
Tanium addressed an uncontrolled resource consumption vulnerability in Interact.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Interact |
Affected:
3.2.0 , < 3.2.202
(custom)
Affected: 3.5.0 , < 3.5.108 (custom) Affected: 3.8.0 , < 3.8.47 (custom) cpe:2.3:a:tanium:service_interact:3.2.196:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.102:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.8.46:*:*:*:*:*:*:* |
Date Public
2026-04-22 01:46
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6416",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T12:57:48.199961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T12:57:59.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.2.196:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.102:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.8.46:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.2.202",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.108",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
},
{
"lessThan": "3.8.47",
"status": "affected",
"version": "3.8.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric Bester"
}
],
"dateAssigned": "2026-04-15T23:55:39.195Z",
"datePublic": "2026-04-22T01:46:08.322Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an uncontrolled resource consumption vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T01:46:19.376Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-010",
"url": "https://security.tanium.com/TAN-2026-010"
}
],
"title": "Tanium addressed an uncontrolled resource consumption vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-6416",
"datePublished": "2026-04-22T01:46:19.376Z",
"dateReserved": "2026-04-15T23:55:39.808Z",
"dateUpdated": "2026-04-22T12:57:59.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2350 (GCVE-0-2026-2350)
Vulnerability from cvelistv5 – Published: 2026-02-19 23:10 – Updated: 2026-03-02 15:50
VLAI
Title
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Summary
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Interact |
Affected:
3.2.0 , < 3.2.196
(custom)
Affected: 3.5.0 , < 3.5.102 (custom) cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:* |
|
| Tanium | TDS |
Affected:
4.1.0 , < 4.1.257
(custom)
cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:* |
Date Public
2026-02-19 23:10
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T15:41:02.790036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T15:50:27.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.2.196",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.102",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:*"
],
"product": "TDS",
"vendor": "Tanium",
"versions": [
{
"lessThan": "4.1.257",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-02-11T16:04:36.295Z",
"datePublic": "2026-02-19T23:10:05.500Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T23:14:23.480Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-008",
"url": "https://security.tanium.com/TAN-2026-008"
}
],
"title": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-2350",
"datePublished": "2026-02-19T23:10:33.951Z",
"dateReserved": "2026-02-11T16:04:36.872Z",
"dateUpdated": "2026-03-02T15:50:27.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15289 (GCVE-0-2025-15289)
Vulnerability from cvelistv5 – Published: 2026-02-05 18:10 – Updated: 2026-02-06 19:22
VLAI
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Tanium | Interact |
Affected:
3.1.0 , < 3.1.337
(custom)
Affected: 3.2.0 , < 3.2.185 (custom) Affected: 3.5.0 , < 3.5.90 (custom) cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:* |
Date Public
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:22:50.331215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:22:58.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.1.337",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.185",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:29.166Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T18:10:28.261Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-033",
"url": "https://security.tanium.com/TAN-2025-033"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15289",
"datePublished": "2026-02-05T18:10:28.261Z",
"dateReserved": "2025-12-29T23:02:29.360Z",
"dateUpdated": "2026-02-06T19:22:58.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15288 (GCVE-0-2025-15288)
Vulnerability from cvelistv5 – Published: 2026-01-29 20:10 – Updated: 2026-02-05 15:57
VLAI
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
Date Public
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:31:10.582156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:31:17.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:11.893Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T15:57:07.320Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-034",
"url": "https://security.tanium.com/TAN-2025-034"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15288",
"datePublished": "2026-01-29T20:10:48.480Z",
"dateReserved": "2025-12-29T23:02:12.448Z",
"dateUpdated": "2026-02-05T15:57:07.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}