Описание
Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the Upload.aspx 'enky' parameter.
Ссылки
- Third Party Advisory
- https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/Press/Media CoverageThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Product
- Third Party Advisory
- https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/Press/Media CoverageThird Party Advisory
- Third Party AdvisoryUS Government Resource
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:tylertech:court_case_management_plus:-:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01577
Низкий
5.3 Medium
CVSS3
9.4 Critical
CVSS3
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 5.3
github
около 2 лет назад
Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the Upload.aspx 'enky' parameter.
EPSS
Процентиль: 81%
0.01577
Низкий
5.3 Medium
CVSS3
9.4 Critical
CVSS3
Дефекты
CWE-287
CWE-287