Common Weakness Enumeration

CWE-203

Allowed

Observable Discrepancy

Abstraction: Base · Status: Incomplete

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

836 vulnerabilities reference this CWE, most recent first.

GHSA-M67G-36F9-CXH6

Vulnerability from github – Published: 2023-05-11 21:30 – Updated: 2024-04-04 04:02
VLAI
Details

IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27870"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-11T20:15:09Z",
    "severity": "HIGH"
  },
  "details": "\nIBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518.\n\n",
  "id": "GHSA-m67g-36f9-cxh6",
  "modified": "2024-04-04T04:02:50Z",
  "published": "2023-05-11T21:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27870"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249518"
    },
    {
      "type": "WEB",
      "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/249518"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/6985697"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6GV-23GP-3JM6

Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-05-24 19:20
VLAI
Details

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1924"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-12T07:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking",
  "id": "GHSA-m6gv-23gp-3jm6",
  "modified": "2022-05-24T19:20:34Z",
  "published": "2022-05-24T19:20:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1924"
    },
    {
      "type": "WEB",
      "url": "https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-M6J8-RG6R-7MV8

Vulnerability from github – Published: 2026-02-18 22:36 – Updated: 2026-02-27 20:44
VLAI
Summary
Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake
Details

Impact

Through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key.

Patches

The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth. We recommend rotating the node key after applying the upgrade, which can be done by removing the file <datadir>/geth/nodekey before starting Geth.

Credit

The issue was reported as a public pull request to go-ethereum by @fengjian.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.16.8"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ethereum/go-ethereum"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.16.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-26315"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-18T22:36:06Z",
    "nvd_published_at": "2026-02-19T22:16:46Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nThrough a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key.\n\n### Patches\n\nThe issue is resolved in the v1.16.9 and v1.17.0 releases of Geth. We recommend rotating the node key after applying the upgrade, which can be done by removing the file `\u003cdatadir\u003e/geth/nodekey` before starting Geth.\n\n### Credit\n\nThe issue was reported as a public pull request to go-ethereum by @fengjian.",
  "id": "GHSA-m6j8-rg6r-7mv8",
  "modified": "2026-02-27T20:44:58Z",
  "published": "2026-02-18T22:36:06Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-m6j8-rg6r-7mv8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26315"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/pull/33669"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/commit/46bee92f9e64c0a06a12586a5d21cffc49d1ba8e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ethereum/go-ethereum"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ethereum/go-ethereum/releases/tag/v1.16.9"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2026-4511"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake"
}

GHSA-M6P4-VHGW-8C9C

Vulnerability from github – Published: 2024-10-23 18:33 – Updated: 2024-10-24 21:31
VLAI
Details

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-50383"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-23T17:15:19Z",
    "severity": "MODERATE"
  },
  "details": "Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used in Chacha-Poly1305 and x25519). An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i386. (Only 32-bit processors can be affected.)",
  "id": "GHSA-m6p4-vhgw-8c9c",
  "modified": "2024-10-24T21:31:03Z",
  "published": "2024-10-23T18:33:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50383"
    },
    {
      "type": "WEB",
      "url": "https://github.com/randombit/botan/commit/53b0cfde580e86b03d0d27a488b6c134f662e957"
    },
    {
      "type": "WEB",
      "url": "https://arxiv.org/pdf/2410.13489"
    },
    {
      "type": "WEB",
      "url": "https://github.com/randombit/botan/compare/3.5.0...3.6.0"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=41887153"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M6P5-M5XH-8XGM

Vulnerability from github – Published: 2022-05-13 00:00 – Updated: 2025-05-05 18:31
VLAI
Details

Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-05-12T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.",
  "id": "GHSA-m6p5-m5xh-8xgm",
  "modified": "2025-05-05T18:31:59Z",
  "published": "2022-05-13T00:00:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33149"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220818-0002"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00648.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M7HV-7HVQ-Q3XX

Vulnerability from github – Published: 2022-06-16 00:00 – Updated: 2025-05-05 18:32
VLAI
Details

Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-24436"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-15T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.",
  "id": "GHSA-m7hv-7hvq-q3xx",
  "modified": "2025-05-05T18:32:10Z",
  "published": "2022-06-16T00:00:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24436"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220624-0007"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00698.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M7QP-CJ9P-GJ85

Vulnerability from github – Published: 2022-12-28 18:30 – Updated: 2024-03-01 14:23
VLAI
Summary
OpenShift OSIN vulnerable to Observable Timing Discrepancy
Details

A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216987.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/openshift/osin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.2-0.20210113124101-8612686d6dda"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-4294"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-01-09T21:50:04Z",
    "nvd_published_at": "2022-12-28T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function `ClientSecretMatches/CheckClientSecret`. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216987.",
  "id": "GHSA-m7qp-cj9p-gj85",
  "modified": "2024-03-01T14:23:07Z",
  "published": "2022-12-28T18:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4294"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openshift/osin/pull/200"
    },
    {
      "type": "WEB",
      "url": "https://github.com/openshift/osin/commit/8612686d6dda34ae9ef6b5a974e4b7accb4fea29"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openshift/osin"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2022-1201"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.216987"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.216987"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenShift OSIN vulnerable to Observable Timing Discrepancy"
}

GHSA-M845-5GJ8-66H2

Vulnerability from github – Published: 2022-05-24 17:37 – Updated: 2022-05-24 17:37
VLAI
Details

An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin vote list contains a full vote timestamp, which may provide unintended clues about how a voting process unfolded.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-35624"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-21T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin vote list contains a full vote timestamp, which may provide unintended clues about how a voting process unfolded.",
  "id": "GHSA-m845-5gj8-66h2",
  "modified": "2022-05-24T17:37:09Z",
  "published": "2022-05-24T17:37:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35624"
    },
    {
      "type": "WEB",
      "url": "https://gerrit.wikimedia.org/r/q/If8e15eb8ce9ec652c06816cbff52bb084fd50e73"
    },
    {
      "type": "WEB",
      "url": "https://phabricator.wikimedia.org/T268794"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-M8F6-RRCX-MRM3

Vulnerability from github – Published: 2025-12-31 00:31 – Updated: 2025-12-31 00:31
VLAI
Details

H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the login_submit.cgi endpoint and analyze response messages to distinguish between existing and non-existing accounts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-50800"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-30T23:15:47Z",
    "severity": "MODERATE"
  },
  "details": "H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the \u0027txtUsrName\u0027 POST parameter. Attackers can submit different usernames to the login_submit.cgi endpoint and analyze response messages to distinguish between existing and non-existing accounts.",
  "id": "GHSA-m8f6-rrcx-mrm3",
  "modified": "2025-12-31T00:31:10Z",
  "published": "2025-12-31T00:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50800"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/50742"
    },
    {
      "type": "WEB",
      "url": "https://www.h3c.com"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/hc-ssl-vpn-na-username-enumeration-via-login-script-credential-verification"
    },
    {
      "type": "WEB",
      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5697.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-M96V-GJ29-HF2Q

Vulnerability from github – Published: 2024-11-18 18:30 – Updated: 2024-11-18 18:30
VLAI
Details

A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-26062"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-18T16:15:05Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Cisco\u0026nbsp;Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application.\nThe vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability.",
  "id": "GHSA-m96v-gj29-hf2q",
  "modified": "2024-11-18T18:30:55Z",
  "published": "2024-11-18T18:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26062"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-enum-CyheP3B7"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-189: Black Box Reverse Engineering

An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.