CVE-2025-15322

Published: Jan 30, 2026Modified: Mar 9, 2026

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Tanium addressed an improper access controls vulnerability in Tanium Server.

Affected (3)

Products: Tanium: Server

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Tanium Server	From 7.6.2.0 to 7.6.2.1327
Tanium Server	From 7.6.4.0 to 7.6.4.2160
Tanium Server	From 7.7.3.0 to 7.7.3.8231

Related CWEs

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (1)

https://security.tanium.com/TAN-2025-028

Source: 3938794e-25f5-4123-a1ba-5cbd7f104512

Vendor Advisory

Timeline

No history available yet.