3 matches found
Design/Logic Flaw
Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The...
Default configuration
Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate directories using the tiffserver/te003.aspx or te004.aspx 'ifolder' parameter. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The vulnerable...
CVE-2023-6343
The CVE describes a vulnerability in Tyler Technologies Court Case Management Plus related to the Aquaforest TIFF Server used for handling TIFF files. Affected component: Aquaforest TIFF Server (integrated via Tyler’s court management solution). Vulnerability occurs in TIFF Server features access...