CVE-2022-34772 Information

Description

Tabit - password enumeration. Description: Tabit - password enumeration. The passwords for the Tabit system is a 4 digit OTP. One can resend OTP and try logging in indefinitely. Once again this is an example of OWASP: API4 - Rate limiting.

Reference

https://www.gov.il/en/departments/faq/cve_advisories