A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended.
PUBLISHED5.2CWE-287
Alteryx Server status improper authentication
Problem type
Affected products
Alteryx
Server
2020.2.3.27789 - AFFECTED
2021.4.2.47895 - AFFECTED
2022.1.1.30961 - AFFECTED
2022.1.1.42707 - AFFECTED
2023.1.1.123 - AFFECTED
2023.1.1.306 - AFFECTED
2023.2.1.51 - AFFECTED
2024.1.1.49 - AFFECTED
2024.1.1.136 - AFFECTED
2024.1.1.209 - AFFECTED
2024.2.1.14 - AFFECTED
2024.2.1.41 - AFFECTED
2024.2.1.73 - AFFECTED
2024.2.1.94 - AFFECTED
2023.1.1.13.486 - UNAFFECTED
2023.2.1.10.293 - UNAFFECTED
2024.1.1.9.236 - UNAFFECTED
2024.2.1.6.125 - UNAFFECTED
2025.1.1.1.31 - UNAFFECTED
References
VDB-338428 | Alteryx Server status improper authentication
https://vuldb.com/?id.338428
VDB-338428 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/?ctiid.338428
Submit #710169 | Alteryx Alteryx Server 2020/2021/2022/2023/2024/2025 Authentication Bypass Issues
https://vuldb.com/?submit.710169
ict-strypes.eu
https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf
gist.github.com
https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c
help.alteryx.com
https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html
GitHub Security Advisories
GHSA-4vwr-f92g-29m6
A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality...
https://github.com/advisories/GHSA-4vwr-f92g-29m6A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2025-15097
gist.github.com
https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c
help.alteryx.com
https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html
ict-strypes.eu
https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf
vuldb.com
https://vuldb.com/?ctiid.338428
vuldb.com
https://vuldb.com/?id.338428
vuldb.com
https://vuldb.com/?submit.710169
github.com
https://github.com/advisories/GHSA-4vwr-f92g-29m6
JSON source
https://cveawg.mitre.org/api/cve/CVE-2025-15097Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2025-15097",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2025-12-26T19:30:52.340Z",
"dateReserved": "2025-12-25T15:16:00.965Z",
"datePublished": "2025-12-26T02:32:05.819Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2025-12-26T02:32:05.819Z"
},
"title": "Alteryx Server status improper authentication",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. Upgrading to version 2023.1.1.13.486, 2023.2.1.10.293, 2024.1.1.9.236, 2024.2.1.6.125 and 2025.1.1.1.31 can resolve this issue. Upgrading the affected component is recommended."
}
],
"affected": [
{
"vendor": "Alteryx",
"product": "Server",
"versions": [
{
"version": "2020.2.3.27789",
"status": "affected"
},
{
"version": "2021.4.2.47895",
"status": "affected"
},
{
"version": "2022.1.1.30961",
"status": "affected"
},
{
"version": "2022.1.1.42707",
"status": "affected"
},
{
"version": "2023.1.1.123",
"status": "affected"
},
{
"version": "2023.1.1.306",
"status": "affected"
},
{
"version": "2023.2.1.51",
"status": "affected"
},
{
"version": "2024.1.1.49",
"status": "affected"
},
{
"version": "2024.1.1.136",
"status": "affected"
},
{
"version": "2024.1.1.209",
"status": "affected"
},
{
"version": "2024.2.1.14",
"status": "affected"
},
{
"version": "2024.2.1.41",
"status": "affected"
},
{
"version": "2024.2.1.73",
"status": "affected"
},
{
"version": "2024.2.1.94",
"status": "affected"
},
{
"version": "2023.1.1.13.486",
"status": "unaffected"
},
{
"version": "2023.2.1.10.293",
"status": "unaffected"
},
{
"version": "2024.1.1.9.236",
"status": "unaffected"
},
{
"version": "2024.2.1.6.125",
"status": "unaffected"
},
{
"version": "2025.1.1.1.31",
"status": "unaffected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Improper Authentication",
"cweId": "CWE-287",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?id.338428",
"name": "VDB-338428 | Alteryx Server status improper authentication",
"tags": [
"vdb-entry"
]
},
{
"url": "https://vuldb.com/?ctiid.338428",
"name": "VDB-338428 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.710169",
"name": "Submit #710169 | Alteryx Alteryx Server 2020/2021/2022/2023/2024/2025 Authentication Bypass Issues",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf",
"tags": [
"related"
]
},
{
"url": "https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c",
"tags": [
"exploit"
]
},
{
"url": "https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html",
"tags": [
"patch"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"baseScore": 7.3,
"baseSeverity": "HIGH"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"baseScore": 7.3,
"baseSeverity": "HIGH"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"baseScore": 7.5
}
}
],
"timeline": [
{
"time": "2025-12-25T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2025-12-25T01:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2025-12-25T16:23:29.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "Diyan Apostolov (ICT Strypes)",
"type": "finder"
},
{
"lang": "en",
"value": "fosi (VulDB User)",
"type": "reporter"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-12-26T19:30:52.340Z"
},
"title": "CISA ADP Vulnrichment",
"metrics": [
{}
]
}
]
}
}