Join the Reckless Community* indicates requiredEmail Address *First Name *Last Name *
Back to Tanium 7.3 Security Technical Implementation Guide
Severity: Medium
<VulnDiscussion>Typically, the Tanium Server stores the Package Source Files that it downloads from the Internet and server shares or files uploaded through the Tanium Console in a subdirectory of the server's installation directory called Downloads. To ensure package files are not accessible to non-authorized functions, the files must be re-located to outside of the server's installation directory.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Access the Tanium Server interactively. Log on to the server with an account that has administrative privileges. Run regedit as Administrator. Navigate to HKEY_LOCAL_MACHINE >> SOFTWARE >> Wow6432Node >> Tanium >> Tanium Server. Validate the "DownloadPath REG_SZ" value does not point to a location within the Tanium Server directory. If the "DownloadPath REG_SZ" value points to a location within the Tanium Server directory, this is a finding.
Access the Tanium Server interactively. Log on to the server with an account that has administrative privileges. Configure a directory elsewhere on the server to relocate the installation package files. Run regedit as Administrator. Navigate to HKEY_LOCAL_MACHINE >> SOFTWARE >> Wow6432Node >> Tanium >> Tanium Server. Change the "DownloadPath REG_SZ" value to point to the location of the relocated installation package files. Move the files from the original directory to the location created for the installation package files.