CVE-2022-34773

MEDIUM

tabit < 3.27.0 - HTTP Method Manipulation via Addresses Query Endpoint

Title source: llm
STIX 2.1

Description

Tabit - HTTP Method manipulation. https://bridge.tabit.cloud/configuration/addresses-query - can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 – Injection.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.gov.il/en/departments/faq/cve_advisories

Scores

CVSS v3 4.9
EPSS 0.0050
EPSS Percentile 39.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Details

CWE
CWE-74
Status published
Products (1)
tabit/tabit < 3.27.0
Published Aug 22, 2022
Tracked Since Feb 18, 2026