CVE-2023-6354

CVSS 3.1 Score 9.4 of 10 (high)

Details

Published Nov 30, 2023
Updated: Dec 6, 2023
CWE ID 287

Summary

CVE-2023-6354 is a vulnerability affecting Tyler Technologies' Magistrate Court Case Management Plus system. An attacker can exploit this issue by manipulating the 'filename' parameter in the PDFViewer.aspx page to upload, delete, or view files remotely and without authentication. This poses a significant risk as it allows unauthorized access to sensitive information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share