CVE-2025-15097

🗓️ 26 Dec 2025 02:32:05Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 12 Views

Alteryx Server exposes remote improper authentication via the status endpoint; a public exploit exists.

Reporter	Title	Published	Views	Family All 7
CNNVD	Alteryx Server 授权问题漏洞	26 Dec 202500:00	–	cnnvd
Cvelist	CVE-2025-15097 Alteryx Server status improper authentication	26 Dec 202502:32	–	cvelist
EUVD	EUVD-2025-205409	26 Dec 202502:32	–	euvd
NVD	CVE-2025-15097	26 Dec 202503:15	–	nvd
Positive Technologies	PT-2025-53435	26 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-15097	27 Dec 202503:22	–	redhatcve
Vulnrichment	CVE-2025-15097 Alteryx Server status improper authentication	26 Dec 202502:32	–	vulnrichment

Vulners

Node

alteryx alteryx_serverMatch2020.2.3.27789

alteryx alteryx_serverMatch2021.4.2.47895

alteryx alteryx_serverMatch2022.1.1.30961

alteryx alteryx_serverMatch2022.1.1.42707

alteryx alteryx_serverMatch2023.1.1.123

alteryx alteryx_serverMatch2023.1.1.306

alteryx alteryx_serverMatch2023.2.1.51

alteryx alteryx_serverMatch2024.1.1.49

alteryx alteryx_serverMatch2024.1.1.136

alteryx alteryx_serverMatch2024.1.1.209

alteryx alteryx_serverMatch2024.2.1.14

alteryx alteryx_serverMatch2024.2.1.41

alteryx alteryx_serverMatch2024.2.1.73

alteryx alteryx_serverMatch2024.2.1.94

[
  {
    "vendor": "Alteryx",
    "product": "Server",
    "versions": [
      {
        "version": "2020.2.3.27789",
        "status": "affected"
      },
      {
        "version": "2021.4.2.47895",
        "status": "affected"
      },
      {
        "version": "2022.1.1.30961",
        "status": "affected"
      },
      {
        "version": "2022.1.1.42707",
        "status": "affected"
      },
      {
        "version": "2023.1.1.123",
        "status": "affected"
      },
      {
        "version": "2023.1.1.306",
        "status": "affected"
      },
      {
        "version": "2023.2.1.51",
        "status": "affected"
      },
      {
        "version": "2024.1.1.49",
        "status": "affected"
      },
      {
        "version": "2024.1.1.136",
        "status": "affected"
      },
      {
        "version": "2024.1.1.209",
        "status": "affected"
      },
      {
        "version": "2024.2.1.14",
        "status": "affected"
      },
      {
        "version": "2024.2.1.41",
        "status": "affected"
      },
      {
        "version": "2024.2.1.73",
        "status": "affected"
      },
      {
        "version": "2024.2.1.94",
        "status": "affected"
      },
      {
        "version": "2023.1.1.13.486",
        "status": "unaffected"
      },
      {
        "version": "2023.2.1.10.293",
        "status": "unaffected"
      },
      {
        "version": "2024.1.1.9.236",
        "status": "unaffected"
      },
      {
        "version": "2024.2.1.6.125",
        "status": "unaffected"
      },
      {
        "version": "2025.1.1.1.31",
        "status": "unaffected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
ict-strypes	www.ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf
vuldb	www.vuldb.com/
gist	www.gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c
help	www.help.alteryx.com/release-notes/en/release-notes/server-release-notes/server-2025-1-release-notes.html

29 Apr 2026 01:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.00017

SSVC

CWE-287