CVE-2023-6353

CVSS 3.1 Score 9.4 of 10 (high)

Details

Published Nov 30, 2023

Updated: Dec 6, 2023

CWE ID 287

Summary

CVE-2023-6353 is a vulnerability affecting Tyler Technologies Civil and Criminal Electronic Filing system. An attacker can exploit this issue by manipulating the 'enky' parameter in the Upload.aspx file, allowing them to upload, delete, and view files without authentication and remotely. This poses a significant risk as it enables unauthorized access and manipulation of sensitive files.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tl7hc8
https://www.cve.org/CVERecord?id=CVE-2023-6353
https://nvd.nist.gov/vuln/detail/CVE-2023-6353

Back to Vulnerability Database

CVE-2023-6353

CVSS 3.1 Score 9.4 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations