CWE-203
AllowedObservable Discrepancy
Abstraction: Base · Status: Incomplete
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
835 vulnerabilities reference this CWE, most recent first.
GHSA-GPC7-8XX7-6F36
Vulnerability from github – Published: 2024-11-11 00:30 – Updated: 2024-11-26 18:38Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack.
{
"affected": [],
"aliases": [
"CVE-2020-10367"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-10T23:15:04Z",
"severity": "MODERATE"
},
"details": "Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a \"Spectra\" attack.",
"id": "GHSA-gpc7-8xx7-6f36",
"modified": "2024-11-26T18:38:51Z",
"published": "2024-11-11T00:30:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10367"
},
{
"type": "WEB",
"url": "https://github.com/RPi-Distro/bluez-firmware/commit/8445a53ce2c51a77472b908a0c8f6f8e1fa5c37a"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052676"
},
{
"type": "WEB",
"url": "https://www.informatik.tu-darmstadt.de/fb20/aktuelles_fb20/fb20_neuigkeiten/neuigkeiten_fb20_details_203136.de.jsp"
},
{
"type": "WEB",
"url": "https://www.informatik.tu-darmstadt.de/seemoo/team_seemoo/jiska_classen/index.en.jsp"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-GQ6J-RFM8-VV32
Vulnerability from github – Published: 2023-10-30 18:30 – Updated: 2023-11-06 18:30In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2023-21304"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-30T17:15:48Z",
"severity": "MODERATE"
},
"details": "In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-gq6j-rfm8-vv32",
"modified": "2023-11-06T18:30:17Z",
"published": "2023-10-30T18:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-21304"
},
{
"type": "WEB",
"url": "https://source.android.com/docs/security/bulletin/android-14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GQ87-XQCQ-QGM6
Vulnerability from github – Published: 2024-12-26 12:30 – Updated: 2024-12-26 12:30Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
{
"affected": [],
"aliases": [
"CVE-2024-8993"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-26T12:15:07Z",
"severity": "MODERATE"
},
"details": "Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.",
"id": "GHSA-gq87-xqcq-qgm6",
"modified": "2024-12-26T12:30:45Z",
"published": "2024-12-26T12:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8993"
},
{
"type": "WEB",
"url": "https://www.honor.com/global/security/cve-2024-8993"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GQWV-CCM6-WR7J
Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2021-12-21 00:01In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-186530889
{
"affected": [],
"aliases": [
"CVE-2021-1005"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-15T19:15:00Z",
"severity": "MODERATE"
},
"details": "In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-186530889",
"id": "GHSA-gqwv-ccm6-wr7j",
"modified": "2021-12-21T00:01:19Z",
"published": "2021-12-16T00:01:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1005"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2021-12-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-GRJJ-54GM-Q5VF
Vulnerability from github – Published: 2024-08-27 21:31 – Updated: 2026-01-28 00:31Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor q_e by dividing the upper two digits (a digit having e.g. a size of 8 byte) of r by the upper digit of n and then decrements q_e in a loop until it has the correct size. Observing the number of times q_e is decremented through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. For SECP160R1, e.g., we find a bias of 15 bits.
{
"affected": [],
"aliases": [
"CVE-2024-1544"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-27T19:15:16Z",
"severity": "MODERATE"
},
"details": "Generating the ECDSA nonce k samples a random number r and then \ntruncates this randomness with a modular reduction mod n where n is the \norder of the elliptic curve. Meaning k = r mod n. The division used \nduring the reduction estimates a factor q_e by dividing the upper two \ndigits (a digit having e.g. a size of 8 byte) of r by the upper digit of \nn and then decrements q_e in a loop until it has the correct size. \nObserving the number of times q_e is decremented through a control-flow \nrevealing side-channel reveals a bias in the most significant bits of \nk. Depending on the curve this is either a negligible bias or a \nsignificant bias large enough to reconstruct k with lattice reduction \nmethods. For SECP160R1, e.g., we find a bias of 15 bits.",
"id": "GHSA-grjj-54gm-q5vf",
"modified": "2026-01-28T00:31:37Z",
"published": "2024-08-27T21:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1544"
},
{
"type": "WEB",
"url": "https://github.com/wolfSSL/wolfssl/pull/7020"
},
{
"type": "WEB",
"url": "https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GV23-J6X4-4X4X
Vulnerability from github – Published: 2024-06-29 06:31 – Updated: 2024-06-29 06:31IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.
{
"affected": [],
"aliases": [
"CVE-2024-38322"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-28T19:15:06Z",
"severity": "MODERATE"
},
"details": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.",
"id": "GHSA-gv23-j6x4-4x4x",
"modified": "2024-06-29T06:31:39Z",
"published": "2024-06-29T06:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38322"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294869"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7158446"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GV7V-MP3W-GFVH
Vulnerability from github – Published: 2022-05-24 17:49 – Updated: 2024-04-04 03:06Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController.
{
"affected": [],
"aliases": [
"CVE-2021-31866"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-04-28T07:15:00Z",
"severity": "MODERATE"
},
"details": "Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController.",
"id": "GHSA-gv7v-mp3w-gfvh",
"modified": "2024-04-04T03:06:42Z",
"published": "2022-05-24T17:49:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31866"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html"
},
{
"type": "WEB",
"url": "https://www.redmine.org/news/131"
},
{
"type": "WEB",
"url": "https://www.redmine.org/projects/redmine/wiki/Security_Advisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GWPQ-JG4G-7WW7
Vulnerability from github – Published: 2026-03-12 18:30 – Updated: 2026-03-12 18:30A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldap_email can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is said to be difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-4045"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-12T17:16:52Z",
"severity": "MODERATE"
},
"details": "A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldap_email can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is said to be difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-gwpq-jg4g-7ww7",
"modified": "2026-03-12T18:30:31Z",
"published": "2026-03-12T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4045"
},
{
"type": "WEB",
"url": "https://drive.google.com/file/d/1TNwWNTcra2ykx0yXpATPmsPgJxIxOrWb/view?usp=sharing"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.350657"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.350657"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.769577"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-GWWW-55J7-6P52
Vulnerability from github – Published: 2023-05-15 12:30 – Updated: 2026-06-01 15:30Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.
{
"affected": [],
"aliases": [
"CVE-2023-23449"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-15T11:15:09Z",
"severity": "MODERATE"
},
"details": "Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker\nto gain information about valid usernames by analyzing challenge responses from the server via the\nREST interface.",
"id": "GHSA-gwww-55j7-6p52",
"modified": "2026-06-01T15:30:31Z",
"published": "2023-05-15T12:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23449"
},
{
"type": "WEB",
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json"
},
{
"type": "WEB",
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H3QF-V68R-35JG
Vulnerability from github – Published: 2023-09-28 06:30 – Updated: 2023-10-03 21:28The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer has a user enumeration vulnerability in the login and forgot password functionalities. The app reacts differently when a user or email address is valid, and when it's not. This may allow an attacker to determine whether a user or email address is valid, or brute force valid usernames and email addresses.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "gugoan/economizzer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "0.9-beta1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-38871"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": true,
"github_reviewed_at": "2023-09-28T16:50:32Z",
"nvd_published_at": "2023-09-28T04:15:12Z",
"severity": "MODERATE"
},
"details": "The commit 3730880 (April 2023) and v.0.9-beta1 of gugoan Economizzer has a user enumeration vulnerability in the login and forgot password functionalities. The app reacts differently when a user or email address is valid, and when it\u0027s not. This may allow an attacker to determine whether a user or email address is valid, or brute force valid usernames and email addresses.",
"id": "GHSA-h3qf-v68r-35jg",
"modified": "2023-10-03T21:28:15Z",
"published": "2023-09-28T06:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38871"
},
{
"type": "WEB",
"url": "https://github.com/gugoan/economizzer/commit/37308802dfe00d43df396a8afaa2096ece8b7b57"
},
{
"type": "WEB",
"url": "https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38871"
},
{
"type": "PACKAGE",
"url": "https://github.com/gugoan/economizzer"
},
{
"type": "WEB",
"url": "https://www.economizzer.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Economizzer user enumeration vulnerability"
}
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
- Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
- If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
- Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-189: Black Box Reverse Engineering
An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.