Important Community update: The process for changing your account details was updated on June 25th. Learn how this impacts your Community experience and the actions we suggest you take to secure your account here.
community Alteryx IO Alteryx.com
alteryx Community
Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Close
Free Trial

Alteryx Designer Desktop Discussions

Find answers, ask questions, and share expertise about Alteryx Designer Desktop and Intelligence Suite.

Alteryx Analytics Connector application - security vulnerability - Azure environment

Abigmac
5 - Atom
‎06-26-2023 12:54 PM

Is the AAC application vulnerable to the azure authentication flaw if using the email login?

Microsoft fixes Azure AD auth flaw enabling account takeover (bleepingcomputer.com)

Reply
0 Likes
1 REPLY 1
VojtechT
Alteryx
Alteryx
‎08-03-2023 06:20 AM

Hi @Abigmac , could you just clarify what you mean by AAC / Alteryx Analytics Connector? 

The name itself is pointing towards the Azure Web app we use as the default for performing OAuth authentication in our Data connectors in Alteryx Designer. In such case I can confirm it is not vulnerable to that flaw simply because we are not obtaining the email address in order to perform and user verification with our own list - that's simply a completely different auth flow, which is not even applicable in this case. 

 

However, the abbreviation AAC is usually rather used for "Alteryx Analytics Cloud", which is maintained by different team and thus we would need to move this question into their area. 

 

Thank you,

Vojta

Vojta T., PM for Data Connectors
Try our Beta data connectors at https://bit.ly/3Ae8HgY
Reply
0 Likes
go to user group event calendar
Labels