Common Weakness Enumeration

CWE-203

Allowed

Observable Discrepancy

Abstraction: Base · Status: Incomplete

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

836 vulnerabilities reference this CWE, most recent first.

GHSA-W3VQ-4XC2-4932

Vulnerability from github – Published: 2023-10-30 18:30 – Updated: 2023-11-07 03:30
VLAI
Details

In Job Scheduler, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-21344"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-30T17:15:50Z",
    "severity": "MODERATE"
  },
  "details": "In Job Scheduler, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-w3vq-4xc2-4932",
  "modified": "2023-11-07T03:30:26Z",
  "published": "2023-10-30T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21344"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/docs/security/bulletin/android-14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W4W5-G7XP-7Q82

Vulnerability from github – Published: 2024-09-08 12:32 – Updated: 2024-09-08 12:32
VLAI
Details

Loway - CWE-204: Observable Response Discrepancy

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-42343"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-204"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-08T12:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Loway - CWE-204: Observable Response Discrepancy",
  "id": "GHSA-w4w5-g7xp-7q82",
  "modified": "2024-09-08T12:32:45Z",
  "published": "2024-09-08T12:32:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42343"
    },
    {
      "type": "WEB",
      "url": "https://www.gov.il/en/Departments/faq/cve_advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W5Q3-762F-G235

Vulnerability from github – Published: 2024-12-12 03:33 – Updated: 2025-11-04 00:32
VLAI
Details

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54476"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-12T02:15:29Z",
    "severity": "MODERATE"
  },
  "details": "The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to access user-sensitive data.",
  "id": "GHSA-w5q3-762f-g235",
  "modified": "2025-11-04T00:32:12Z",
  "published": "2024-12-12T03:33:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54476"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121839"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121840"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121842"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Dec/7"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Dec/8"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Dec/9"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W782-GJG9-CJX6

Vulnerability from github – Published: 2024-08-30 00:31 – Updated: 2024-08-30 00:31
VLAI
Details

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to: https://doi.org/10.46586/tches.v2024.i1.457-500

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-1543"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-29T23:15:10Z",
    "severity": "MODERATE"
  },
  "details": "The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to:  https://doi.org/10.46586/tches.v2024.i1.457-500",
  "id": "GHSA-w782-gjg9-cjx6",
  "modified": "2024-08-30T00:31:23Z",
  "published": "2024-08-30T00:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1543"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W7HV-422J-P88G

Vulnerability from github – Published: 2022-05-24 17:31 – Updated: 2022-05-27 00:01
VLAI
Details

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-3585"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-10-21T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device",
  "id": "GHSA-w7hv-422j-p88g",
  "modified": "2022-05-27T00:01:02Z",
  "published": "2022-05-24T17:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3585"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W7JR-WQW6-54XC

Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-12-19 21:06
VLAI
Summary
Non-constant time comparison of inbound TCP agent connection secret
Details

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not use a constant-time comparison validating the connection secret when an inbound TCP agent connection is initiated. This could potentially allow attackers to use statistical methods to obtain the connection secret.

Jenkins 2.219, LTS 2.204.2 now uses a constant-time comparison function for verifying connection secrets.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.204.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.main:jenkins-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.204.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.218"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.main:jenkins-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.205"
            },
            {
              "fixed": "2.219"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-2101"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-19T21:06:40Z",
    "nvd_published_at": "2020-01-29T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not use a constant-time comparison validating the connection secret when an inbound TCP agent connection is initiated. This could potentially allow attackers to use statistical methods to obtain the connection secret.\n\nJenkins 2.219, LTS 2.204.2 now uses a constant-time comparison function for verifying connection secrets.",
  "id": "GHSA-w7jr-wqw6-54xc",
  "modified": "2022-12-19T21:06:40Z",
  "published": "2022-05-24T17:07:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/jenkins/commit/0ba36508187ff771bba87feaf03057496775064c"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0402"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0675"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0681"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/jenkins"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1659"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Non-constant time comparison of inbound TCP agent connection secret"
}

GHSA-W7QC-MVCJ-WHR5

Vulnerability from github – Published: 2026-01-02 15:30 – Updated: 2026-01-06 18:31
VLAI
Details

REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-55374"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-02T15:15:56Z",
    "severity": "MODERATE"
  },
  "details": "REDCap 14.3.13 allows an attacker to enumerate usernames due to an observable discrepancy between login attempts.",
  "id": "GHSA-w7qc-mvcj-whr5",
  "modified": "2026-01-06T18:31:31Z",
  "published": "2026-01-02T15:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55374"
    },
    {
      "type": "WEB",
      "url": "https://github.com/T3slaa/CVE-2024-55374"
    },
    {
      "type": "WEB",
      "url": "http://redcap.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W7RQ-556W-C7GG

Vulnerability from github – Published: 2023-12-27 21:30 – Updated: 2023-12-27 21:30
VLAI
Details

Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-50979"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-18T04:15:50Z",
    "severity": "MODERATE"
  },
  "details": "Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding.",
  "id": "GHSA-w7rq-556w-c7gg",
  "modified": "2023-12-27T21:30:58Z",
  "published": "2023-12-27T21:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50979"
    },
    {
      "type": "WEB",
      "url": "https://github.com/weidai11/cryptopp/issues/1247"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W7RR-MWMP-RJXV

Vulnerability from github – Published: 2022-01-11 00:00 – Updated: 2025-08-26 21:30
VLAI
Details

In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the registered users' email addresses.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22120"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn\u0027t registered within the system. This allows attackers to enumerate the registered users\u0027 email addresses.",
  "id": "GHSA-w7rr-mwmp-rjxv",
  "modified": "2025-08-26T21:30:54Z",
  "published": "2022-01-11T00:00:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22120"
    },
    {
      "type": "WEB",
      "url": "https://github.com/nocodb/nocodb/commit/f46e89b0"
    },
    {
      "type": "WEB",
      "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2022-22120"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W82P-R9VW-4RG5

Vulnerability from github – Published: 2025-09-26 09:31 – Updated: 2025-10-08 19:18
VLAI
Summary
WSO2's Input Validation Management Service contains Observable Discrepancy when Multi-Attribute Login is enabled
Details

A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application's responses.

Exploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.

There is a fix available in version 7.8.491, however it has not been published to the Maven registry.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.input.validation.mgt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "7.8.103"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-1396"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-08T19:18:42Z",
    "nvd_published_at": "2025-09-26T08:15:38Z",
    "severity": "LOW"
  },
  "details": "A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct \"User does not exist\" error message to the login form, regardless of the validate_username setting. This behavior allows malicious actors to determine which usernames exist in the system based on observable discrepancies in the application\u0027s responses.\n\nExploitation of this vulnerability could aid in brute-force attacks, targeted phishing campaigns, or other social engineering techniques by confirming the validity of user identifiers within the system.\n\nThere is a fix available in version 7.8.491, however it has not been published to the Maven registry.",
  "id": "GHSA-w82p-r9vw-4rg5",
  "modified": "2025-10-08T19:18:42Z",
  "published": "2025-09-26T09:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1396"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wso2/carbon-identity-framework/commit/5d5d592882a0377c12e19967c6272ccce0fb18ab"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/wso2/carbon-identity-framework"
    },
    {
      "type": "WEB",
      "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3983"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "WSO2\u0027s Input Validation Management Service contains Observable Discrepancy when Multi-Attribute Login is enabled"
}

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-189: Black Box Reverse Engineering

An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.