PT-2022-22321 · Tabit · Tabit
Published
2022-08-22
·
Updated
2023-08-08
·
CVE-2022-34770
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tabit (affected versions not specified)
Description
Several APIs of the Tabit web system disclose sensitive personal information without proper authorization: health statements, previous bills, alcohol consumption and smoking habits. Each API URL contains a MongoDB ObjectId, which on its own is hard to enumerate, but the system also issues short links of the form https://tbit.be/{suffix}, and the far smaller suffix space makes working URLs easy to discover. The redirect target of a short link discloses the MongoDB IDs, which can then be used with other endpoints to retrieve further personal data such as medical information and ID numbers, for example via https://tabitisrael.co.il/online-reservations/health-statement?orgId={org id}&healthStatementId={health statement id} and https://tgm-api.tabit.cloud/health-statement/{health statement id}. This is a case of broken object-level authorization (IDOR) combined with a lack of rate limiting, which leaves the enumeration of short links unchecked.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
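To make the chain in the description concrete, here is an added example (not code from the advisory or from Tabit) that models it in pure Python: extracting ObjectIds from a short link's redirect target, comparing the brute-force cost of a 24-hex ObjectId with an assumed 6-character base62 short-link suffix, a health-statement handler with the reported behaviour next to one that enforces object-level authorization, and a per-client rate limiter in front of the short-link resolver. The records, ORG_ID, the suffix a1B2c3 and the in-memory stand-ins for the endpoints are all constructed for illustration; the tbit.be suffix length is an assumption, not something the advisory states.

```python
from __future__ import annotations

import re
import time
from math import log2

# A MongoDB ObjectId is 12 bytes rendered as 24 lowercase hex characters.
OBJECT_ID_RE = re.compile(r"(?<![0-9a-f])[0-9a-f]{24}(?![0-9a-f])")


def object_ids_in(url: str) -> list[str]:
    """Return every ObjectId-shaped token in a URL, e.g. a redirect Location target."""
    return OBJECT_ID_RE.findall(url)


def search_space_bits(alphabet_size: int, length: int) -> float:
    """Bits an attacker must cover to try every identifier of this alphabet and length."""
    return length * log2(alphabet_size)


# Constructed stand-ins for the real data; every ID below is made up.
ORG_ID = "63ff0000aaaa0000bbbb0001"
STATEMENTS = {
    "6401f2a3b4c5d6e7f8091a2b": {"org_id": ORG_ID, "owner": "guest-42",
                                  "smoker": False, "alcohol": "rarely"},
    "6401f2a3b4c5d6e7f8091a2c": {"org_id": ORG_ID, "owner": "guest-7",
                                  "smoker": True, "alcohol": "weekly"},
}
# Short-link table: hypothetical suffix -> redirect target in the URL shape from the advisory.
SHORT_LINKS = {
    "a1B2c3": ("https://tabitisrael.co.il/online-reservations/health-statement"
               f"?orgId={ORG_ID}&healthStatementId=6401f2a3b4c5d6e7f8091a2b"),
}


def vulnerable_health_statement(org_id: str, statement_id: str, caller: str):
    """Reported behaviour: whoever knows both IDs gets the record; 'caller' is ignored."""
    rec = STATEMENTS.get(statement_id)
    return rec if rec and rec["org_id"] == org_id else None


def fixed_health_statement(org_id: str, statement_id: str, caller: str):
    """Object-level authorization: only the statement's owner may read it."""
    rec = STATEMENTS.get(statement_id)
    if rec is None or rec["org_id"] != org_id or rec["owner"] != caller:
        return None  # same answer as "not found", so existence is not leaked either
    return rec


class RateLimiter:
    """Fixed-window counter per client key; the clock is injectable for testing."""

    def __init__(self, limit: int, window_s: float, clock=time.monotonic):
        self.limit, self.window_s, self.clock = limit, window_s, clock
        self._windows: dict = {}  # key -> (window_start, count)

    def allow(self, key: str) -> bool:
        now = self.clock()
        start, count = self._windows.get(key, (now, 0))
        if now - start >= self.window_s:  # window expired: start a fresh one
            start, count = now, 0
        if count >= self.limit:
            self._windows[key] = (start, count)
            return False
        self._windows[key] = (start, count + 1)
        return True


def resolve_short(suffix: str):
    """The short-link resolver: returns the redirect target, or None for a 404."""
    return SHORT_LINKS.get(suffix)


def harvest(suffixes, limiter: RateLimiter | None, client: str = "attacker"):
    """Attacker loop: probe suffixes and collect ObjectIds from every redirect seen.

    Returns (ids_found, requests_blocked). Without a limiter every suffix is tried;
    with one, bulk probing stops once the per-client limit is reached.
    """
    found, blocked = [], 0
    for s in suffixes:
        if limiter is not None and not limiter.allow(client):
            blocked += 1
            continue
        target = resolve_short(s)
        if target:
            found.extend(object_ids_in(target))
    return found, blocked


if __name__ == "__main__":
    print(f"24-hex ObjectId: {search_space_bits(16, 24):.0f} bits; "
          f"6-char base62 suffix (assumed): {search_space_bits(62, 6):.1f} bits")
    probes = [f"guess{i}" for i in range(10)]
    probes.insert(2, "a1B2c3")  # the one live short link among the guesses
    print("no rate limit:", harvest(probes, None))
    print("5 requests/window:", harvest(probes, RateLimiter(5, 60)))
```

The fixed handler deliberately returns the same None for "no such statement", "wrong org" and "not the owner", so an attacker who has harvested IDs cannot even confirm which ones exist; the rate limiter addresses the second half of the finding by capping how many suffixes one client can probe per window.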
IDOR
Weakness Enumeration
Related Identifiers
Affected Products
Tabit