An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.
References
Link | Resource |
---|---|
https://news.ycombinator.com/item?id=30502117 | Third Party Advisory |
https://www.calbar.ca.gov/About-Us/News/Data-Breach-Updates | Issue Tracking Third Party Advisory US Government Resource |
https://www.judyrecords.com/info | Third Party Advisory |
https://www.judyrecords.com/what-happened-with-tyler-technologies | Exploit Technical Description Third Party Advisory |
https://www.tylertech.com/dataharvest | Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-04-18T14:37:48
Updated: 2022-05-10T00:04:11
Reserved: 2022-03-07T00:00:00
Link: CVE-2022-26665
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-18T15:15:08.837
Modified: 2022-09-03T03:54:45.057
Link: CVE-2022-26665
JSON object: View
Redhat Information
No data.
CWE