CVE-2025-15097 (GCVE-0-2025-15097)
Vulnerability from cvelistv5 – Published: 2025-12-26 02:32 – Updated: 2025-12-26 19:30
VLAI?
Title
Alteryx Server status improper authentication
Summary
A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Alteryx | Server |
Affected:
2020.2.3.27789
Affected: 2021.4.2.47895 Affected: 2022.1.1.30961 Affected: 2022.1.1.42707 Affected: 2023.1.1.123 Affected: 2023.1.1.306 Affected: 2023.2.1.51 Affected: 2024.1.1.49 Affected: 2024.1.1.136 Affected: 2024.1.1.209 Affected: 2024.2.1.14 Affected: 2024.2.1.41 Affected: 2024.2.1.73 Affected: 2024.2.1.94 Unaffected: 2023.1.1.13.486 Unaffected: 2023.2.1.10.293 Unaffected: 2024.1.1.9.236 Unaffected: 2024.2.1.6.125 Unaffected: 2025.1.1.1.31 |
Credits
Diyan Apostolov (ICT Strypes)
fosi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15097",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-26T19:30:44.954905Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-26T19:30:52.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Server",
"vendor": "Alteryx",
"versions": [
{
"status": "affected",
"version": "2020.2.3.27789"
},
{
"status": "affected",
"version": "2021.4.2.47895"
},
{
"status": "affected",
"version": "2022.1.1.30961"
},
{
"status": "affected",
"version": "2022.1.1.42707"
},
{
"status": "affected",
"version": "2023.1.1.123"
},
{
"status": "affected",
"version": "2023.1.1.306"
},
{
"status": "affected",
"version": "2023.2.1.51"
},
{
"status": "affected",
"version": "2024.1.1.49"
},
{
"status": "affected",
"version": "2024.1.1.136"
},
{
"status": "affected",
"version": "2024.1.1.209"
},
{
"status": "affected",
"version": "2024.2.1.14"
},
{
"status": "affected",
"version": "2024.2.1.41"
},
{
"status": "affected",
"version": "2024.2.1.73"
},
{
"status": "affected",
"version": "2024.2.1.94"
},
{
"status": "unaffected",
"version": "2023.1.1.13.486"
},
{
"status": "unaffected",
"version": "2023.2.1.10.293"
},
{
"status": "unaffected",
"version": "2024.1.1.9.236"
},
{
"status": "unaffected",
"version": "2024.2.1.6.125"
},
{
"status": "unaffected",
"version": "2025.1.1.1.31"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Diyan Apostolov (ICT Strypes)"
},
{
"lang": "en",
"type": "reporter",
"value": "fosi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-26T02:32:05.819Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-338428 | Alteryx Server status improper authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.338428"
},
{
"name": "VDB-338428 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.338428"
},
{
"name": "Submit #710169 | Alteryx Alteryx Server 2020/2021/2022/2023/2024/2025 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.710169"
},
{
"tags": [
"related"
],
"url": "https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c"
},
{
"tags": [
"patch"
],
"url": "https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-25T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-25T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-25T16:23:29.000Z",
"value": "VulDB entry last update"
}
],
"title": "Alteryx Server status improper authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15097",
"datePublished": "2025-12-26T02:32:05.819Z",
"dateReserved": "2025-12-25T15:16:00.965Z",
"dateUpdated": "2025-12-26T19:30:52.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-15097\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2025-12-26T03:15:50.273\",\"lastModified\":\"2025-12-26T03:15:50.273\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"references\":[{\"url\":\"https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?ctiid.338428\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?id.338428\",\"source\":\"cna@vuldb.com\"},{\"url\":\"https://vuldb.com/?submit.710169\",\"source\":\"cna@vuldb.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-15097\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-26T19:30:44.954905Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-26T19:30:49.613Z\"}}], \"cna\": {\"title\": \"Alteryx Server status improper authentication\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Diyan Apostolov (ICT Strypes)\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"fosi (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 6.9, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 7.5, \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C\"}}], \"affected\": [{\"vendor\": \"Alteryx\", \"product\": \"Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"2020.2.3.27789\"}, {\"status\": \"affected\", \"version\": \"2021.4.2.47895\"}, {\"status\": \"affected\", \"version\": \"2022.1.1.30961\"}, {\"status\": \"affected\", \"version\": \"2022.1.1.42707\"}, {\"status\": \"affected\", \"version\": \"2023.1.1.123\"}, {\"status\": \"affected\", \"version\": \"2023.1.1.306\"}, {\"status\": \"affected\", \"version\": \"2023.2.1.51\"}, {\"status\": \"affected\", \"version\": \"2024.1.1.49\"}, {\"status\": \"affected\", \"version\": \"2024.1.1.136\"}, {\"status\": \"affected\", \"version\": \"2024.1.1.209\"}, {\"status\": \"affected\", \"version\": \"2024.2.1.14\"}, {\"status\": \"affected\", \"version\": \"2024.2.1.41\"}, {\"status\": \"affected\", \"version\": \"2024.2.1.73\"}, {\"status\": \"affected\", \"version\": \"2024.2.1.94\"}, {\"status\": \"unaffected\", \"version\": \"2023.1.1.13.486\"}, {\"status\": \"unaffected\", \"version\": \"2023.2.1.10.293\"}, {\"status\": \"unaffected\", \"version\": \"2024.1.1.9.236\"}, {\"status\": \"unaffected\", \"version\": \"2024.2.1.6.125\"}, {\"status\": \"unaffected\", \"version\": \"2025.1.1.1.31\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-12-25T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2025-12-25T01:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2025-12-25T16:23:29.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.338428\", \"name\": \"VDB-338428 | Alteryx Server status improper authentication\", \"tags\": [\"vdb-entry\"]}, {\"url\": \"https://vuldb.com/?ctiid.338428\", \"name\": \"VDB-338428 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.710169\", \"name\": \"Submit #710169 | Alteryx Alteryx Server 2020/2021/2022/2023/2024/2025 Authentication Bypass Issues\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf\", \"tags\": [\"related\"]}, {\"url\": \"https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c\", \"tags\": [\"exploit\"]}, {\"url\": \"https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html\", \"tags\": [\"patch\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2025-12-26T02:32:05.819Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-15097\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-26T19:30:52.340Z\", \"dateReserved\": \"2025-12-25T15:16:00.965Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2025-12-26T02:32:05.819Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…