CWE-203 (Information Exposure Through Discrepancy) — Vulnerability Class 130

130 vulnerabilities classified as CWE-203 (Information Exposure Through Discrepancy). AI Chinese analysis included.

CWE-203, Observable Discrepancy, is a design weakness where a system’s behavior or responses vary noticeably based on specific conditions, revealing internal state information to unauthorized actors. Attackers typically exploit this by crafting inputs that trigger distinct error messages, timing delays, or response codes, allowing them to infer sensitive data such as user existence or system architecture through side-channel analysis. To mitigate this risk, developers must ensure consistent error handling and response formatting across all execution paths. This involves standardizing error messages, masking internal details, and implementing uniform response times regardless of the underlying cause. By abstracting internal logic and preventing information leakage through observable differences, organizations can significantly reduce the attack surface, ensuring that external interactions remain opaque and do not inadvertently aid adversaries in reconnaissance or exploitation efforts.

MITRE CWE Description
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
Common Consequences (2)
Confidentiality, Access Control: Read Application Data, Bypass Protection Mechanism
An attacker can gain access to sensitive information about the system, including authentication information that may allow an attacker to gain access to the system. Other security-relevant information about the operation or internal state of the product may be revealed to an unauthorized actor, such…
Confidentiality: Read Application Data
In some cases, discrepancies can be used by attackers to form a side channel. When cryptographic primitives are vulnerable to side-channel attacks, this could be used to reveal unencrypted plaintext in the worst case.
Mitigations (2)
Architecture and Design: Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area. Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separatio…
Implementation: Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or…
Examples (2)
The following code checks validity of the supplied username and password and notifies the user of a successful or failed login.
```perl
my $username = param('username');
my $password = param('password');

if (IsValidUsername($username) == 1) {
    if (IsValidPassword($username, $password) == 1) {
        print "Login Successful";
    }
    else {
        # Bad: this message confirms that the username exists.
        print "Login Failed - incorrect password";
    }
}
else {
    # Bad: this message confirms that the username does not exist.
    print "Login Failed - unknown username";
}
```
Bad · Perl
"Login Failed - incorrect username or password"
Result
In this example, the attacker observes how long an authentication takes when the user types in the correct password.
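```python
def validate_password(actual_pw, typed_pw):
    # Bad: the length check and the loop both return early, so the
    # running time depends on how much of typed_pw is correct.
    if len(actual_pw) != len(typed_pw):
        return 0
    for i in range(len(actual_pw)):
        if actual_pw[i] != typed_pw[i]:
            return 0
    return 1
```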
Bad · Python
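A hardened counterpart to both bad examples above, as an added example that is not part of the original page or of MITRE's text: one failure message for every failed login, the same hashing work for known and unknown usernames, and a comparison that does not stop at the first mismatch. The user store, the `login` and `make_record` names, and the PBKDF2 parameters are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

GENERIC_FAILURE = "Login Failed - incorrect username or password"
_ITERATIONS = 50_000  # constructed work factor for this demo only


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)


def make_record(password: str) -> tuple:
    """Return (salt, hash) for storage instead of the plaintext password."""
    salt = os.urandom(16)
    return salt, _hash(password, salt)


# Constructed sample user store (hypothetical): username -> (salt, hash).
USERS = {"alice": make_record("correct horse")}
# Dummy record so an unknown username costs the same hashing work.
_DUMMY = make_record("dummy-password-never-valid")


def validate_password(stored_hash: bytes, typed_hash: bytes) -> bool:
    # hmac.compare_digest does not return early at the first differing byte,
    # unlike the character-by-character loop in the bad example.
    return hmac.compare_digest(stored_hash, typed_hash)


def login(username: str, password: str) -> str:
    record = USERS.get(username)
    # Unknown user: still hash and compare, against the dummy record.
    salt, stored = record if record is not None else _DUMMY
    matches = validate_password(stored, _hash(password, salt))
    # One message for both failure causes, so the response text
    # does not reveal whether the username exists.
    if record is not None and matches:
        return "Login Successful"
    return GENERIC_FAILURE
```

The dummy record equalizes the dominant cost (password hashing) between the two failure paths; it narrows the timing difference rather than guaranteeing identical response times.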
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-44263 | Weblate: Private Translation Enumeration via Screenshot API — weblate | 4.3 | Medium | 2026-05-07 |
| CVE-2023-5872 | Wago: Vulnerability in Smart Designer Web-Application — Smart Designer | 4.3 | Medium | 2026-04-16 |
| CVE-2026-33429 | Parse Server: Protected field change detection oracle via LiveQuery watch parameter — parse-server | 3.7 | - | 2026-03-24 |
| CVE-2026-33425 | Discourse has inferable private group membership or existence via exclude_groups parameter — discourse | 5.3 | - | 2026-03-20 |
| CVE-2026-3580 | Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V — wolfSSL | 5.5 | - | 2026-03-19 |
| CVE-2026-3579 | Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I — wolfSSL | 7.5 | - | 2026-03-19 |
| CVE-2026-28490 | Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle — authlib | - | - | 2026-03-16 |
| CVE-2026-21386 | Private channel enumeration via /mute slash command — Mattermost | 4.3 | Medium | 2026-03-16 |
| CVE-2026-4040 | OpenClaw File Existence tools.exec.safeBins information exposure — OpenClaw | 3.3 | Low | 2026-03-12 |
| CVE-2026-26315 | Go Ethereum Improperly Validates the ECIES Public Key in RLPx Handshake — go-ethereum | 7.5 | - | 2026-02-19 |
| CVE-2026-23621 | GFI MailEssentials AI < 22.4 ListServer.IsPathExist() Absolute Directory Traversal to File Enumeration — MailEssentials AI | 4.3 | Medium | 2026-02-19 |
| CVE-2026-23620 | GFI MailEssentials AI < 22.4 ListServer.IsDbExist() Absolute Directory Traversal to File Enumeration — MailEssentials AI | 4.3 | Medium | 2026-02-19 |
| CVE-2019-25337 | OwnCloud 8.1.8 - Username Disclosure — OwnCloud | 9.8 | Critical | 2026-02-12 |
| CVE-2026-26185 | Directus Affected by User Enumeration via Password Reset Timing Attack — directus | 5.3 | Medium | 2026-02-12 |
| CVE-2026-25562 | WeKan < 8.19 Attachments Publication Information Disclosure — WeKan | 5.3 (AI) | Medium (AI) | 2026-02-07 |
| CVE-2026-21484 | AnythingLLM Vulnerable to Username Enumeration w/ Password Recovery — anything-llm | 5.3 | Medium | 2026-01-03 |
| CVE-2022-50800 | H3C SSL VPN n/a Username Enumeration via Login Script Credential Verification — H3C SSL VPN | 7.5 | High | 2025-12-30 |
| CVE-2023-53943 | GLPI 9.5.7 Username Enumeration Vulnerability via Lost Password Endpoint — GLPI | 5.3 | Medium | 2025-12-18 |
| CVE-2025-68164 | JetBrains TeamCity security vulnerability — TeamCity | 2.7 | Low | 2025-12-16 |
| CVE-2025-13912 | Potential non-constant time compiled code with Clang LLVM — wolfSSL | 2.9 (AI) | Low (AI) | 2025-12-11 |
| CVE-2020-36888 | SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration via Login Script — Fusion Digital Signage | 5.3 (AI) | Medium (AI) | 2025-12-10 |
| CVE-2025-39665 | Livestatus Injection in dynmaps — Nagvis | 5.3 (AI) | Medium (AI) | 2025-12-03 |
| CVE-2025-11932 | Timing Side-Channel in PSK Binder Verification — wolfSSL | 5.9 | - | 2025-11-21 |
| CVE-2025-12888 | Constant Time Issue with Xtensa-based ESP32 and X22519 — wolfSSL | 5.9 | - | 2025-11-21 |
| CVE-2025-64749 | Directus Vulnerable to Information Leakage in Existing Collections — directus | 4.3 | Medium | 2025-11-13 |
| CVE-2025-11145 | User Enumeration in CBK Soft's enVision — enVision | 7.5 | High | 2025-10-24 |
| CVE-2025-36225 | IBM Aspera Faspex information disclosure — Aspera Faspex | 4.3 | Medium | 2025-10-09 |
| CVE-2025-11443 | JhumanJ OpnForm Forgotten Password email information exposure — OpnForm | 3.7 | Low | 2025-10-08 |
| CVE-2025-54477 | Joomla! Core - [20250902] User-Enumeration in passkey authentication method — Joomla! CMS | 5.3 (AI) | Medium (AI) | 2025-09-30 |
| CVE-2025-41252 | Username enumeration vulnerability — NSX | 7.5 | High | 2025-09-29 |

Vulnerabilities classified as CWE-203 (Information Exposure Through Discrepancy) represent 130 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.