Refine your search

1 vulnerability found for TDS by Tanium

CVE-2026-2350 (GCVE-0-2026-2350)
Vulnerability from cvelistv5
Published
2026-02-19 23:10
Modified
2026-03-02 15:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Summary
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
References
Impacted products
Vendor Product Version
Tanium Interact Version: 3.2.0   < 3.2.196
Version: 3.5.0   < 3.5.102
    cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:*
    cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:*
 Create a notification for this product.
   Tanium TDS Version: 4.1.0   < 4.1.257
    cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2350",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-02T15:41:02.790036Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-02T15:50:27.043Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:*",
            "cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:*"
          ],
          "product": "Interact",
          "vendor": "Tanium",
          "versions": [
            {
              "lessThan": "3.2.196",
              "status": "affected",
              "version": "3.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "3.5.102",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:*"
          ],
          "product": "TDS",
          "vendor": "Tanium",
          "versions": [
            {
              "lessThan": "4.1.257",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "dateAssigned": "2026-02-11T16:04:36.295Z",
      "datePublic": "2026-02-19T23:10:05.500Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-19T23:14:23.480Z",
        "orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
        "shortName": "Tanium"
      },
      "references": [
        {
          "name": "TAN-2026-008",
          "url": "https://security.tanium.com/TAN-2026-008"
        }
      ],
      "title": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
    "assignerShortName": "Tanium",
    "cveId": "CVE-2026-2350",
    "datePublished": "2026-02-19T23:10:33.951Z",
    "dateReserved": "2026-02-11T16:04:36.872Z",
    "dateUpdated": "2026-03-02T15:50:27.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}