Vulnerabilities > CVE-2022-34774 - Unspecified vulnerability in Tabit

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

tabit

NVD

Published: 2022-08-22

Updated: 2023-03-28

Summary

Tabit - Arbitrary account modification. One of the endpoints mapped by the tiny URL, was a page where an adversary can modify personal details, such as email addresses and phone numbers of a specific user in a restaurant's loyalty program. Possibly allowing account takeover (the mail can be used to reset password).

Vulnerable Configurations

Part	Description	Count
Application	Tabit Tabit Tabit *	1

References

https://www.gov.il/en/departments/faq/cve_advisories