Skip to main content

Tanium Server CVE-2026-6408

| EUVDEUVD-2026-24595 LOW
Insufficiently Protected Credentials (CWE-522)
2026-04-22 Tanium
2.7
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
2.7 LOW
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

6
Patch released
Apr 22, 2026 - 21:23 nvd
Patch available
Patch available
Apr 22, 2026 - 05:01 EUVD
Analysis Generated
Apr 22, 2026 - 03:23 vuln.today
EUVD ID Assigned
Apr 22, 2026 - 03:00 euvd
EUVD-2026-24595
Analysis Generated
Apr 22, 2026 - 03:00 vuln.today
CVE Published
Apr 22, 2026 - 01:46 nvd
LOW 2.7

DescriptionCVE.org

Tanium addressed an information disclosure vulnerability in Tanium Server.

AnalysisAI

Tanium Server allows high-privileged authenticated users to disclose sensitive information through an unspecified network-accessible mechanism. The vulnerability requires administrative or equivalent privileges and carries a low CVSS score (2.7) reflecting limited impact to confidentiality with no integrity or availability consequences. No active exploitation or public proof-of-concept has been identified.

Technical ContextAI

CWE-522 (Insufficiently Protected Credentials) indicates the vulnerability involves inadequate protection of sensitive authentication or configuration data. The CVSS vector (AV:N/AC:L/PR:H/UI:N/S:U) shows network-accessible attack surface with low attack complexity and high privilege requirement, suggesting the flaw exists in an authenticated API, management interface, or privileged endpoint within Tanium Server. The vulnerability is scoped to the affected system only (S:U), meaning no impact to other networked systems.

RemediationAI

Apply the vendor-released patch from Tanium security advisory TAN-2026-012 (https://security.tanium.com/TAN-2026-012) to remediate the credential disclosure. If immediate patching is delayed, restrict administrative console and API access to trusted networks using firewall rules or VPN-gated access, and audit administrative account activity logs for unauthorized credential disclosure. Note that network restriction does not eliminate risk from compromised administrative accounts; patching is the definitive fix.

Share

CVE-2026-6408 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy