Vulnerability Description
An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tylertech | Odyssey Portal | < 17.1.20 |
Related Weaknesses (CWE)
References
- https://news.ycombinator.com/item?id=30502117Third Party Advisory
- https://www.calbar.ca.gov/About-Us/News/Data-Breach-UpdatesIssue TrackingThird Party AdvisoryUS Government Resource
- https://www.judyrecords.com/infoThird Party Advisory
- https://www.judyrecords.com/what-happened-with-tyler-technologiesExploitTechnical DescriptionThird Party Advisory
- https://www.tylertech.com/dataharvestIssue TrackingVendor Advisory
- https://news.ycombinator.com/item?id=30502117Third Party Advisory
- https://www.calbar.ca.gov/About-Us/News/Data-Breach-UpdatesIssue TrackingThird Party AdvisoryUS Government Resource
- https://www.judyrecords.com/infoThird Party Advisory
- https://www.judyrecords.com/what-happened-with-tyler-technologiesExploitTechnical DescriptionThird Party Advisory
- https://www.tylertech.com/dataharvestIssue TrackingVendor Advisory
FAQ
What is CVE-2022-26665?
CVE-2022-26665 is a vulnerability with a CVSS score of 7.5 (HIGH). An Insecure Direct Object Reference issue exists in the Tyler Odyssey Portal platform before 17.1.20. This may allow an external party to access sensitive case records.
How severe is CVE-2022-26665?
CVE-2022-26665 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-26665?
Check the references section above for vendor advisories and patch information. Affected products include: Tylertech Odyssey Portal.