CVE-2022-26665

EUVD-2022-31215
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
tylertechodyssey_portal
𝑥
< 17.1.20
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://news.ycombinator.com/item?id=30502117
https://www.calbar.ca.gov/About-Us/News/Data-Breach-Updates
https://www.judyrecords.com/info
https://www.judyrecords.com/what-happened-with-tyler-technologies
https://www.tylertech.com/dataharvest
https://news.ycombinator.com/item?id=30502117
https://www.calbar.ca.gov/About-Us/News/Data-Breach-Updates
https://www.judyrecords.com/info
https://www.judyrecords.com/what-happened-with-tyler-technologies
https://www.tylertech.com/dataharvest