Common Weakness Enumeration

CWE-203

Allowed

Observable Discrepancy

Abstraction: Base · Status: Incomplete

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

836 vulnerabilities reference this CWE, most recent first.

GHSA-XR6C-7PFV-6VGF

Vulnerability from github – Published: 2023-08-08 18:30 – Updated: 2024-06-10 18:30
VLAI
Details

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20569"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-08T18:15:11Z",
    "severity": "MODERATE"
  },
  "details": "\n\n\nA side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n",
  "id": "GHSA-xr6c-7pfv-6vgf",
  "modified": "2024-06-10T18:30:49Z",
  "published": "2023-08-08T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20569"
    },
    {
      "type": "WEB",
      "url": "https://comsec.ethz.ch/research/microarch/inception"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKK3IA63LSKM4EC3TN4UM6DDEIOWEQIG"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7WO5JM74YJSYAE5RBV4DC6A4YLEKWLF"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240605-0006"
    },
    {
      "type": "WEB",
      "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2023/dsa-5475"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/08/08/4"
    },
    {
      "type": "WEB",
      "url": "http://xenbits.xen.org/xsa/advisory-434.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XR6Q-QCGJ-7PRG

Vulnerability from github – Published: 2023-07-04 09:30 – Updated: 2024-04-04 05:23
VLAI
Details

The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a redirection of a crafted URL, bypassing the protection offered.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-3139"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-203",
      "CWE-601"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-04T08:15:10Z",
    "severity": "MODERATE"
  },
  "details": "The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a redirection of a crafted URL, bypassing the protection offered.",
  "id": "GHSA-xr6q-qcgj-7prg",
  "modified": "2024-04-04T05:23:07Z",
  "published": "2023-07-04T09:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3139"
    },
    {
      "type": "WEB",
      "url": "https://magos-securitas.com/txt/CVE-2023-3139.txt"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/f8a29aee-19cd-4e62-b829-afc9107f69bd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XWC5-Q44V-P6GG

Vulnerability from github – Published: 2025-08-22 18:31 – Updated: 2025-12-20 05:21
VLAI
Summary
Liferay Portal User Enumeration Vulnerability via the Create Account Page
Details

User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92 allows remote attackers to determine if an account exist in the application via the create account page.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.liferay:com.liferay.login.web"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.0.66"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-43751"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-22T21:09:36Z",
    "nvd_published_at": "2025-08-22T16:15:43Z",
    "severity": "MODERATE"
  },
  "details": "User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92 allows remote attackers to determine if an account exist in the application via the create account page.",
  "id": "GHSA-xwc5-q44v-p6gg",
  "modified": "2025-12-20T05:21:35Z",
  "published": "2025-08-22T18:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43751"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/097597e31b596295cb993bac596a42f06ac1e6d8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/1205e7bbcc31c40180935044d39ebf158b5256e1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/4843e000995ef5fbe4e4f14dce23c2f3116940de"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/4987ff8641b970db3dca14d75bb9687120107c3b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/4f3b52bc92875cd0a0958ea33dece09b8224e6dc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/609104647a5a0bb79627ef689a2f8dc9fe9fbb05"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/7b8376791cfe22bfce14e5f241af1d158d535fd8"
    },
    {
      "type": "WEB",
      "url": "https://github.com/liferay/liferay-portal/commit/7e9e29a9dac8e5b6db6f2a480c98b483584b2f87"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/liferay/liferay-portal"
    },
    {
      "type": "WEB",
      "url": "https://liferay.atlassian.net/browse/LPE-18203"
    },
    {
      "type": "WEB",
      "url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-43751"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Liferay Portal User Enumeration Vulnerability via the Create Account Page"
}

GHSA-XWG3-QRCG-W9X6

Vulnerability from github – Published: 2021-04-19 14:51 – Updated: 2021-04-23 17:17
VLAI
Summary
Timing side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18
Details

Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.13 (Vaadin 10.0.0 through 10.0.16), 1.1.0 prior to 2.0.0 (Vaadin 11 through 13), 2.0.0 through 2.4.6 (Vaadin 14.0.0 through 14.4.6), 3.0.0 prior to 5.0.0 (Vaadin 15 prior to 18), and 5.0.0 through 5.0.2 (Vaadin 18.0.0 through 18.0.5) allows attacker to guess a security token via timing attack.

  • https://vaadin.com/security/cve-2021-31404
Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.vaadin:flow-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.0.0"
            },
            {
              "fixed": "1.0.14"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.vaadin:flow-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1.0"
            },
            {
              "fixed": "2.4.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "com.vaadin:flow-server"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.0.0"
            },
            {
              "fixed": "5.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-31404"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-208"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-16T23:16:19Z",
    "nvd_published_at": "2021-04-23T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Non-constant-time comparison of CSRF tokens in UIDL request handler in `com.vaadin:flow-server` versions 1.0.0 through 1.0.13 (Vaadin 10.0.0 through 10.0.16), 1.1.0 prior to 2.0.0 (Vaadin 11 through 13), 2.0.0 through 2.4.6 (Vaadin 14.0.0 through 14.4.6), 3.0.0 prior to 5.0.0 (Vaadin 15 prior to 18), and 5.0.0 through 5.0.2 (Vaadin 18.0.0 through 18.0.5) allows attacker to guess a security token via timing attack.\n\n- https://vaadin.com/security/cve-2021-31404",
  "id": "GHSA-xwg3-qrcg-w9x6",
  "modified": "2021-04-23T17:17:16Z",
  "published": "2021-04-19T14:51:25Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/vaadin/flow/security/advisories/GHSA-xwg3-qrcg-w9x6"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31404"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vaadin/flow/pull/9875"
    },
    {
      "type": "WEB",
      "url": "https://vaadin.com/security/cve-2021-31404"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Timing side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18"
}

GHSA-XX27-X5JH-MCRM

Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2022-05-24 17:36
VLAI
Details

In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150371903

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-0464"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-14T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150371903",
  "id": "GHSA-xx27-x5jh-mcrm",
  "modified": "2022-05-24T17:36:15Z",
  "published": "2022-05-24T17:36:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0464"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2020-12-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-XXXM-CQ2Q-5V69

Vulnerability from github – Published: 2023-08-22 21:30 – Updated: 2025-11-04 00:30
VLAI
Details

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-33850"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-22T21:15:07Z",
    "severity": "HIGH"
  },
  "details": "IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.",
  "id": "GHSA-xxxm-cq2q-5v69",
  "modified": "2025-11-04T00:30:39Z",
  "published": "2023-08-22T21:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33850"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257132"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20241108-0002"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7010369"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7022413"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7022414"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
Implementation
  • Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
  • If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
  • Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-189: Black Box Reverse Engineering

An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.