CNNVD-202512-4818 Information

CNNVD ID

CNNVD-202512-4818

Related CVE

CVE-2025-15097

• CNNVD Published: 2025-12-26

Description (Chinese)

Alteryx Server是Alteryx公司的一个云托管或自托管的应用程序。用于发布、共享和执行工作流。 Alteryx Server存在授权问题漏洞，该漏洞源于文件/gallery/api/status/中存在身份验证不当，可能导致远程攻击。

Description (English)

Alteryx Server is a cloud-based or self-hosted application of Alteryx. For publication, sharing and implementation streams. Alteryx Server has a mandate loophole, which stems from inappropriate identification in the document/galery/api/status/, which could lead to a long-range attack.

Hazard Level

Medium

Vulnerability Type

授权问题

Affected Vendor

Alteryx

Published

2025-12-26

Last Modified

2026-02-24

References

https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c https://help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf https://vuldb.com/?ctiid.338428 https://vuldb.com/?id.338428 https://vuldb.com/?submit.710169 https://access.redhat.com/security/cve/cve-2025-15097