Tabit
CVE-2022-34775
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack.
AnalysisAI
Tabit - Excessive data exposure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-639. Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack. Affected products include: Tabit.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Tabit - HTTP Method manipulation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no aut
Tabit - password enumeration. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack com
Tabit - giftcard stealth. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication
Tabit - sensitive information disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no
Tabit - Arbitrary account modification. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no
Tabit - arbitrary SMS send on Tabits behalf. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable,
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today