Multiple vulnerabilities in Tyler Technologies Court Case Management Plus
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2023-6354 CVE-2023-6353 CVE-2023-6375 CVE-2023-6344 CVE-2023-6343 CVE-2023-6342 |
| CWE-ID | CWE-287 CWE-552 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Court Case Management Plus Client/Desktop applications / Other client software |
| Vendor | Tyler Technologies |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Improper Authentication
EUVDB-ID: #VU83892
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6354
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests within the Magistrate Court Case Management Plus. A remote attacker can manipulate the PDFViewer.aspx "filename" parameter and upload, delete and view arbitrary files.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCourt Case Management Plus: All versions
External linkshttp://www.tylertech.com/solutions/courts-public-safety/courts-justice
http://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md
http://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/
http://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Authentication
EUVDB-ID: #VU83881
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6353
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests within Civil and Criminal Electronic Filing. A remote attacker can manipulate the Upload.aspx "enky" parameter and upload, delete and view arbitrary files.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCourt Case Management Plus: All versions
External linkshttp://www.tylertech.com/solutions/courts-public-safety/courts-justice
http://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md
http://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/
http://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Files or Directories Accessible to External Parties
EUVDB-ID: #VU83877
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6375
CWE-ID:
CWE-552 - Files or Directories Accessible to External Parties
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to files or directories accessible to external parties. A remote attacker can gain access to backups containing sensitive information such as database credentials.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCourt Case Management Plus: All versions
External linkshttp://www.tylertech.com/solutions/courts-public-safety/courts-justice
http://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md
http://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/
http://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper Authentication
EUVDB-ID: #VU83873
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6344
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests within the Aquaforest TIFF Server feature. A remote attacker can use the tiffserver/te003.aspx or te004.aspx "ifolder" parameter and enumerate directories.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCourt Case Management Plus: All versions
External linkshttp://www.tylertech.com/solutions/courts-public-safety/courts-justice
http://www.aquaforest.com/blog/tiff-server-security-update
http://www.aquaforest.com/blog/aquaforest-tiff-server-sunsetting
http://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md
http://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/
http://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper Authentication
EUVDB-ID: #VU83872
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6343
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests within the Aquaforest TIFF Server feature. A remote attacker can enumerate and access sensitive files using the tiffserver/tssp.aspx "FN" and "PN" parameters.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCourt Case Management Plus: All versions
External linkshttp://www.tylertech.com/solutions/courts-public-safety/courts-justice
http://www.aquaforest.com/blog/tiff-server-security-update
http://www.aquaforest.com/blog/aquaforest-tiff-server-sunsetting
http://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md
http://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/
http://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper Authentication
EUVDB-ID: #VU83871
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6342
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests within the "pay for print" feature. A remote attacker can bypass authentication process and gain unauthorized access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCourt Case Management Plus: All versions
External linkshttp://www.tylertech.com/solutions/courts-public-safety/courts-justice
http://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md
http://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/
http://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
