| Title | Alteryx Alteryx Server 2020/2021/2022/2023/2024/2025 Authentication Bypass Issues |
|---|
| Description | There is a critical auth bypass in Alteryx Server. The issue has been patched by the vendor for versions 2023/2024/2025 but no patch will be released for older versions, so 2022, 2021,2020 will stay vulnerable.
Full detailed report including other vulnerabilities: https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf
Patch release versions: 2025.1.1.1.31, 2024.2.1.6.125, 2024.1.1.9.236, 2023.2.1.10.293, 2023.1.1.13.486
Tested On: 2020.2.3.27789 / 2021.4.2.47895 / 2022.1.1.30961 / 2022.1.1.42707 / 2023.1.1.123 / 2023.1.1.306 / 2023.2.1.51 / 2024.1.1.49 / 2024.1.1.136 / 2024.1.1.209 / 2024.2.1.41 / 2024.2.1.14 / 2024.2.1.73 / 2024.2.1.94
|
|---|
| Source | ⚠️ https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c |
|---|
| User | fosi (UID 45582) |
|---|
| Submission | 12/09/2025 11:20 (6 months ago) |
|---|
| Moderation | 12/25/2025 16:18 (16 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 338428 [Alteryx Server up to 2024.2.1.94 /gallery/api/status/ improper authentication] |
|---|
| Points | 20 |
|---|