How severe is CVE-2022-34771?

This vulnerability has a severity rating of LOW with a CVSS score of 3.5 out of 10.

What type of vulnerability is CVE-2022-34771?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2022-34771

LOW Year: 2022

CVSS v3 Score

3.5

Low

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Tabit - arbitrary SMS send on Tabits behalf. The resend OTP API of tabit allows an adversary to send messages on tabits behalf to anyone registered on the system - the API receives the parameters: phone number, and CustomMessage, We can use that API to craft malicious messages to any user of the system. In addition, the API probably has some kind of template injection potential. When entering {{OTP}} in the custom message field it is formatted into an OTP.

CVE-2016-3531

LOW

CVSS:3.5(Low)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to PC ...

NVD-CWE-Other2016

CVE-2017-10014

LOW

CVSS:3.5(Low)

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RESTAPI). The supported version that is affected is 1.1. Easily exploitable vuln...

NVD-CWE-Other2017

CVE-2017-10308

LOW

CVSS:3.5(Low)

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerab...

NVD-CWE-Other2017

CVE-2017-3235

LOW

CVSS:3.5(Low)

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2...

NVD-CWE-Other2017

CVE-2019-18179

LOW

CVSS:3.5(Low)

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent ...

NVD-CWE-Other2019

CVE-2019-2547

LOW

CVSS:3.5(Low)

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged ...

NVD-CWE-Other2019

CVE-2022-34771

Vulnerability Description

Related Vulnerabilities

CVE-2016-3531

CVE-2017-10014

CVE-2017-10308

CVE-2017-3235

CVE-2019-18179

CVE-2019-2547