CVE-2025-65033: CWE-285: Improper Authorization in lukevella rallly
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not verify whether the user performing the action is the poll owner. As a result, any user can disrupt polls created by others, leading to a loss of integrity and availability across the application. This issue has been patched in version 4.5.4.
AI Analysis
Technical Summary
CVE-2025-65033 is an authorization vulnerability identified in the open-source scheduling and collaboration tool Rallly, specifically affecting versions prior to 4.5.4. The vulnerability stems from improper authorization checks in the poll management feature, where the system uses only the public pollId to identify polls but fails to verify whether the authenticated user attempting to pause or resume a poll is the poll's owner. This flaw allows any authenticated user to manipulate polls created by others, effectively pausing or resuming them at will. The consequence is a loss of integrity and availability of poll data, as unauthorized users can disrupt ongoing polls, potentially causing confusion, scheduling conflicts, or denial of service in collaborative environments. The CVSS v3.1 base score is 8.1, reflecting high severity due to the network attack vector, low attack complexity, requirement for privileges (authenticated user), no user interaction, and significant impact on integrity and availability. Although no known exploits have been reported in the wild, the vulnerability poses a risk to organizations relying on Rallly for scheduling and collaboration. The issue was addressed and patched in Rallly version 4.5.4 by implementing proper authorization checks to ensure only poll owners can manage their polls. The vulnerability is categorized under CWE-285 (Improper Authorization) and CWE-639 (Authorization Bypass Through User-Controlled Key).
Potential Impact
For European organizations using Rallly versions prior to 4.5.4, this vulnerability can lead to unauthorized disruption of collaborative scheduling activities. Attackers with valid user credentials can pause or resume polls they do not own, undermining the integrity of scheduling data and availability of poll functionality. This can cause operational delays, miscommunication, and reduced trust in collaboration tools. Organizations in sectors relying heavily on coordinated scheduling—such as education, public administration, healthcare, and multinational corporations—may experience workflow interruptions and potential reputational damage. While the vulnerability does not directly expose confidential data, the integrity and availability impacts can indirectly affect business continuity and decision-making processes. The requirement for authentication limits exploitation to insiders or compromised accounts, but the low attack complexity and lack of user interaction make exploitation feasible once access is gained.
Mitigation Recommendations
The primary mitigation is to upgrade all Rallly instances to version 4.5.4 or later, where the authorization flaw has been corrected. Organizations should audit their current deployments to identify affected versions and prioritize patching. Additionally, implement strict access control policies limiting poll creation and management privileges to trusted users. Employ monitoring and alerting on unusual poll management activities, such as frequent pausing/resuming by non-owners, to detect potential abuse. Enforce strong authentication mechanisms to reduce the risk of account compromise, including multi-factor authentication (MFA). Consider network segmentation and role-based access controls (RBAC) to minimize the number of users with poll management capabilities. Finally, educate users about the importance of safeguarding credentials and reporting suspicious behavior within collaboration platforms.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Belgium, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-11-13T15:36:51.683Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 691e026793c808727dc91d6c
Added to database: 11/19/2025, 5:46:15 PM
Last enriched: 11/19/2025, 6:01:21 PM
Last updated: 11/19/2025, 6:58:49 PM