Impact
Tanium Server is vulnerable to a denial of service condition that can cause the service to become unresponsive or crash. The impact is a disruption of availability for users relying on Tanium Server functionality. This weakness is classified under CWE-772, indicating a missing use of access control or similar oversight. The CVSS score of 6.5 reflects a moderate severity for availability loss, but the exact effect depends on the server’s role in the environment. The description does not detail prerequisites, so the exact attack vector is not specified, but the nature of the fault suggests an external request could trigger it once an attacker reaches the vulnerable endpoint.
Affected Systems
The affected product is Tanium Server. No specific version information is available; the vulnerability applies to the latest releases published before the advisory date, and likely to older releases that have not yet been updated. Only the Tanium Server component is mentioned; other Tanium products are not listed as affected.
Risk and Exploitability
With a CVSS score of 6.5, the risk is moderate, and no EPSS score is published, indicating limited publicly available exploitation data. The vulnerability is not listed in CISA KEV, implying no confirmed active exploitation at the time of analysis. Based on the description, the likely attack vector is remote, involving a malicious request sent to a Tanium Server instance that is exposed to a broader network. The absence of details about authentication or privilege requirements means that exploitation may be possible by unauthenticated or low-privilege attackers, but the exact conditions remain unclear.
OpenCVE Enrichment