| 标题 | Alteryx Alteryx Server 2020/2021/2022/2023/2024/2025 Authentication Bypass Issues |
|---|
| 描述 | There is a critical auth bypass in Alteryx Server. The issue has been patched by the vendor for versions 2023/2024/2025 but no patch will be released for older versions, so 2022, 2021,2020 will stay vulnerable.
Full detailed report including other vulnerabilities: https://ict-strypes.eu/wp-content/uploads/2025/12/Alteryx-Second-Research.pdf
Patch release versions: 2025.1.1.1.31, 2024.2.1.6.125, 2024.1.1.9.236, 2023.2.1.10.293, 2023.1.1.13.486
Tested On: 2020.2.3.27789 / 2021.4.2.47895 / 2022.1.1.30961 / 2022.1.1.42707 / 2023.1.1.123 / 2023.1.1.306 / 2023.2.1.51 / 2024.1.1.49 / 2024.1.1.136 / 2024.1.1.209 / 2024.2.1.41 / 2024.2.1.14 / 2024.2.1.73 / 2024.2.1.94
|
|---|
| 来源 | ⚠️ https://gist.github.com/apostolovd/f84631eed2f0c0e83e2e174b1480f08c |
|---|
| 用户 | fosi (UID 45582) |
|---|
| 提交 | 2025-12-09 11時20分 (6 月前) |
|---|
| 管理 | 2025-12-25 16時18分 (16 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 338428 [Alteryx Server 直到 2024.2.1.94 /gallery/api/status/ 弱身份验证] |
|---|
| 积分 | 20 |
|---|