CVE-2022-34775 - OpenCVE

Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tabit	Tabit

Configuration 1 [-]

cpe:2.3:a:tabit:tabit:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.gov.il/en/departments/faq/cve_advisories

History

No history.

MITRE

Status: PUBLISHED

Assigner: INCD

Published: 2022-08-22T14:42:21.732388Z

Updated: 2024-09-17T04:09:02.934Z

Reserved: 2022-06-29T00:00:00

Link: CVE-2022-34775

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-22T15:15:16.347

Modified: 2023-08-08T14:21:49.707

Link: CVE-2022-34775

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Tabit", "vendor": "Tabit", "versions": [{"lessThan": "3.27.0*", "status": "affected", "version": "3.27.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Guy Ben Simhon - Noname Security"}], "datePublic": "2022-08-17T00:00:00", "descriptions": [{"lang": "en", "value": "Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Excessive data exposure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-22T14:42:21", "orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "shortName": "INCD"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}], "solutions": [{"lang": "en", "value": "Update to version 3.27.0."}], "source": {"defect": ["ILVN-2022-0047"], "discovery": "EXTERNAL"}, "title": "Tabit - Excessive data exposure", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@cyber.gov.il", "DATE_PUBLIC": "2022-08-17T11:14:00.000Z", "ID": "CVE-2022-34775", "STATE": "PUBLIC", "TITLE": "Tabit - Excessive data exposure"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Tabit", "version": {"version_data": [{"version_affected": ">", "version_name": "3.27.0", "version_value": "3.27.0"}]}}]}, "vendor_name": "Tabit"}]}}, "credit": [{"lang": "eng", "value": "Guy Ben Simhon - Noname Security"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Excessive data exposure"}]}]}, "references": {"reference_data": [{"name": "https://www.gov.il/en/departments/faq/cve_advisories", "refsource": "MISC", "url": "https://www.gov.il/en/departments/faq/cve_advisories"}]}, "solution": [{"lang": "en", "value": "Update to version 3.27.0."}], "source": {"defect": ["ILVN-2022-0047"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:22:10.692Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}]}]}, "cveMetadata": {"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f", "assignerShortName": "INCD", "cveId": "CVE-2022-34775", "datePublished": "2022-08-22T14:42:21.732388Z", "dateReserved": "2022-06-29T00:00:00", "dateUpdated": "2024-09-17T04:09:02.934Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tabit:tabit:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D2DB843-28A9-4524-B84D-F714BF3DB9F6", "versionEndExcluding": "3.27.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API which returns a lot of data regarding the reservation (OWASP: API3): Name, mail, phone number, the number of visits of the user to this specific restaurant, the money he spent there, the money he spent on alcohol, whether he left a deposit etc. This information can easily be used for a phishing attack."}, {"lang": "es", "value": "Tabit - Exposici\u00f3n excesiva de datos. Otro endpoint mapeado por la diminuta url, era uno para la cancelaci\u00f3n de reservas, que conten\u00eda el ID de MongoDB de la reserva, y la organizaci\u00f3n. Esto puede ser usado para consultar la API http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} API que devuelve muchos datos sobre la reserva (OWASP: API3): Nombre, correo, n\u00famero de tel\u00e9fono, el n\u00famero de visitas del usuario a ese restaurante concreto, el dinero que ha gastado all\u00ed, el dinero que ha gastado en alcohol, si ha dejado un dep\u00f3sito, etc. Esta informaci\u00f3n puede usarse f\u00e1cilmente para un ataque de phishing."}], "id": "CVE-2022-34775", "lastModified": "2023-08-08T14:21:49.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@cyber.gov.il", "type": "Secondary"}]}, "published": "2022-08-22T15:15:16.347", "references": [{"source": "cna@cyber.gov.il", "tags": ["Third Party Advisory"], "url": "https://www.gov.il/en/departments/faq/cve_advisories"}], "sourceIdentifier": "cna@cyber.gov.il", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}]}