CVE-2023-6343 Tyler Technologies Court Case Management Plus use of Aquaforest TIFF Server tssp.aspx allows authentication bypass

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to enumerate and access sensitive files using the tiffserver/tssp.aspx 'FN' and 'PN' parameters. This behavior is related to the use of a deprecated version of Aquaforest TIFF Server, possibly 2.x. The...

Tyler Technologies Magistrate Court Case Management Plus Authorization Issue Vulnerability

Tyler Technologies Magistrate Court Case Management Plus is a district court case management system from Tyler Technologies. A security vulnerability exists in Tyler Technologies Magistrate Court Case Management Plus. A remote attacker can use the "FN" and "PN" parameters of tiffserver/tssp.aspx ...

CVE-2020-9323

Aquaforest TIFF Server 4.0 allows Unauthenticated File and Directory Enumeration via tiffserver/tssp.aspx...

CVE-2020-9323

Aquaforest TIFF Server 4.0 allows Unauthenticated File and Directory Enumeration via tiffserver/tssp.aspx...

PT-2020-20583 · Aquaforest · Aquaforest Tiff Server

Name of the Vulnerable Software and Affected Versions: Aquaforest TIFF Server version 4.0 Description: The issue allows unauthenticated file and directory enumeration. This is achieved via the "tiffserver/tssp.aspx" endpoint. Recommendations: For Aquaforest TIFF Server version 4.0, consider...