
CWE-203 (Information Exposure Through Discrepancy) — Vulnerability Class 130

130 vulnerabilities classified as CWE-203 (Information Exposure Through Discrepancy). AI Chinese analysis included.

CWE-203, Observable Discrepancy, is a design weakness in which a system's behaviour or responses vary noticeably with specific conditions, revealing internal state to unauthorized actors. Attackers typically exploit it by crafting inputs that trigger distinct error messages, timing differences, or response codes, and then use side-channel analysis to infer sensitive facts such as whether a given username exists or how the system is built. To mitigate this risk, developers must keep error handling and response formatting consistent across all execution paths: standardize error messages, mask internal details, and keep response times uniform regardless of the underlying cause. By abstracting internal logic and preventing leakage through observable differences, organizations significantly reduce the attack surface, so that external interactions remain opaque and do not aid adversaries in reconnaissance or exploitation.

MITRE CWE Description
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
Common Consequences (2)
Confidentiality, Access Control: Read Application Data, Bypass Protection Mechanism
An attacker can gain access to sensitive information about the system, including authentication information that may allow an attacker to gain access to the system. Other security-relevant information about the operation or internal state of the product may be revealed to an unauthorized actor, such…
Confidentiality: Read Application Data
In some cases, discrepancies can be used by attackers to form a side channel. When cryptographic primitives are vulnerable to side-channel attacks, this could be used to reveal unencrypted plaintext in the worst case.
Mitigations (2)
Architecture and Design: Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area. Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separatio…
Implementation: Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or…
Examples (2)
The following code checks validity of the supplied username and password and notifies the user of a successful or failed login.
my $username = param('username');
my $password = param('password');
if (IsValidUsername($username) == 1) {
    if (IsValidPassword($username, $password) == 1) {
        print "Login Successful";
    } else {
        print "Login Failed - incorrect password";
    }
} else {
    print "Login Failed - unknown username";
}
Bad · Perl
Result: both failure branches should print the same message, "Login Failed - incorrect username or password", so the response no longer reveals whether the username was valid.
In this example, the attacker observes how long an authentication takes when the user types in the correct password.
def validate_password(actual_pw, typed_pw):
    # A length mismatch is rejected immediately: a measurably faster path.
    if len(actual_pw) != len(typed_pw):
        return 0
    # Returns at the first differing character, so the time taken grows
    # with the length of the correct prefix the caller supplied.
    for i in range(len(actual_pw)):
        if actual_pw[i] != typed_pw[i]:
            return 0
    return 1
Bad · Python
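The two MITRE examples above show the same weakness through two different channels: the Perl login leaks through distinct error messages, the Python comparison leaks through how long it runs. The following is an added example, not code from the page or from MITRE, that puts the leaky pattern next to a hardened version of each. The user store, password, salts, and the decoy hash are constructed for the demo; naive_equal reports how many bytes it examined so the early-exit behaviour can be checked deterministically instead of with a stopwatch.

```python
import hashlib
import hmac
import os
from typing import Tuple

# Constructed user store for the demo: username -> (salt, PBKDF2 hash).
# Iteration count is deliberately low so the example runs quickly.
def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _derive("correct horse", _SALT))}

# Decoy credential that matches no password. The hardened login verifies
# against it when the username is unknown, so that path does the same
# amount of work as the known-user path.
_DECOY_SALT = os.urandom(16)
_DECOY_HASH = _derive(os.urandom(16).hex(), _DECOY_SALT)


def naive_equal(actual: bytes, typed: bytes) -> Tuple[bool, int]:
    """Early-exit comparison, the pattern in the page's Python example.
    Returns (equal, bytes examined): the second value is what an observer
    measuring response time would see vary with the first mismatch position."""
    if len(actual) != len(typed):
        return False, 0
    for i in range(len(actual)):
        if actual[i] != typed[i]:
            return False, i + 1
    return True, len(actual)


def constant_time_equal(actual: bytes, typed: bytes) -> bool:
    """hmac.compare_digest inspects every byte regardless of where a
    mismatch lies, so its running time does not depend on the input."""
    return hmac.compare_digest(actual, typed)


LOGIN_FAILED = "Login Failed - incorrect username or password"


def login_leaky(username: str, password: str) -> str:
    """Distinct messages per failure cause, as in the page's Perl example,
    and no work at all for an unknown user (a second, timing-based tell)."""
    if username not in USERS:
        return "Login Failed - unknown username"
    salt, stored = USERS[username]
    if _derive(password, salt) != stored:   # bytes != is not constant-time either
        return "Login Failed - incorrect password"
    return "Login Successful"


def login_uniform(username: str, password: str) -> str:
    """One message for every failure, and the same hash-and-compare work
    whether or not the username exists."""
    salt, stored = USERS.get(username, (_DECOY_SALT, _DECOY_HASH))
    ok = constant_time_equal(_derive(password, salt), stored)
    if username in USERS and ok:
        return "Login Successful"
    return LOGIN_FAILED


if __name__ == "__main__":
    print(naive_equal(b"secret", b"sXXXXX"))   # mismatch at byte 2
    print(naive_equal(b"secret", b"secreX"))   # mismatch at byte 6: five times the work
    print(login_leaky("bob", "x"), "|", login_leaky("alice", "x"))
    print(login_uniform("bob", "x"), "|", login_uniform("alice", "x"))
```

The decoy verification is what makes the unknown-username path indistinguishable from the wrong-password path: dropping it would restore a timing discrepancy even though the message is uniform. In a real service the same rule applies to every branch that touches the credential, including account-lockout and password-reset responses, which several entries in the CVE list below illustrate.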
CVE ID | Title — Product | CVSS | Severity | Published
CVE-2023-3897 | Bypassing CAPTCHA & Enumerating Usernames via Password Reset Page — SureMDM Onpremise | 4.8 | Medium | 2023-07-25
CVE-2023-3640 | Kernel: x86/mm: a per-cpu entry area leak was identified through the init_cea_offsets function when prefetchnta and prefetcht2 instructions being used for the per-cpu entry area mapping to the user space — Red Hat Enterprise Linux 9 | 7.0 | High | 2023-07-24
CVE-2023-3529 | Rotem Dynamics Rotem CRM OTP URI Interface information exposure — Rotem CRM | 5.3 | Medium | 2023-07-06
CVE-2023-22359 | User-enumeration in RestAPI — Checkmk | 4.3 | Medium | 2023-06-26
CVE-2023-34344 | A vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username — MegaRAC_SPx | 5.3 | Medium | 2023-06-12
CVE-2023-32691 | ginuerzh/gost vulnerable to Timing Attack — gost | 5.9 | Medium | 2023-05-30
CVE-2023-32694 | Non-constant time HMAC comparison in Adyen plugin in Saleor — saleor | 4.8 | Medium | 2023-05-25
CVE-2023-0440 | Observable Discrepancy in healthchecks/healthchecks — healthchecks/healthchecks | 7.1 | - | 2023-01-23
CVE-2021-4286 | cocagne pysrp _ctsrp.py calculate_x information exposure — pysrp | 2.6 | Low | 2022-12-27
CVE-2022-20940 | Cisco Firepower Threat Defense security vulnerability — Cisco Firepower Threat Defense Software | 5.3 | Medium | 2022-11-10
CVE-2021-45925 | Username Enumeration — IAC-AST2500A | 5.3 | Medium | 2022-10-24
CVE-2022-36105 | User Enumeration via Response Timing in TYPO3 — typo3 | 5.3 | Medium | 2022-09-13
CVE-2022-20866 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability — Cisco Adaptive Security Appliance (ASA) Software | 7.4 | High | 2022-08-10
CVE-2022-27221 | Siemens SINEMA Remote Connect Server security features issue vulnerability — SINEMA Remote Connect Server | 5.9 | Medium | 2022-06-14
CVE-2022-0823 | Zyxel GS1200 security vulnerability — Zyxel GS1200 series firmware | 6.2 | Medium | 2022-06-07
CVE-2022-24043 | Multiple Siemens products security vulnerability — Desigo DXR2 | 5.3 | - | 2022-05-10
CVE-2021-33845 | Username enumeration through lockout message in REST API — Splunk Enterprise | 5.3 | Medium | 2022-05-06
CVE-2022-0569 | Observable Discrepancy in snipe/snipe-it — snipe/snipe-it | 5.3 | Medium | 2022-02-12
CVE-2022-22120 | NocoDB - Observable Discrepancy in the password-reset feature — nocodb | 5.3 | Medium | 2022-01-10
CVE-2021-38153 | Timing Attack Vulnerability for Apache Kafka Connect and Clients — Apache Kafka | 5.9 | - | 2021-09-22
CVE-2021-34576 | Observable discrepancy in Kaden PICOFLUX AiR leaks water consumption — PICOFLUX AiR | 4.3 | Medium | 2021-09-16
CVE-2021-3642 | Red Hat Wildfly Elytron security vulnerability — wildfly-elytron | 7.5 | - | 2021-08-05
CVE-2021-34575 | Information Exposure in mymbCONNECT24, mbCONNECT24 <= 2.8.0 — mymbCONNECT24 | 7.5 | High | 2021-08-02
CVE-2021-29621 | Observable Response Discrepancy in Flask-AppBuilder — Flask-AppBuilder | 5.3 | Medium | 2021-06-07
CVE-2021-1486 | Cisco SD-WAN vManage HTTP Authentication User Enumeration Vulnerability — Cisco SD-WAN vManage | 5.3 | Medium | 2021-05-06
CVE-2021-29446 | Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime — jose-node-cjs-runtime | 5.9 | Medium | 2021-04-16
CVE-2021-29445 | Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime — jose-node-esm-runtime | 5.9 | Medium | 2021-04-16
CVE-2021-29444 | Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime — jose | 5.9 | Medium | 2021-04-16
CVE-2021-29443 | Padding Oracle Attack due to Observable Timing Discrepancy in jose — jose | 5.9 | Medium | 2021-04-16
CVE-2020-3585 | Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability — Cisco Adaptive Security Appliance (ASA) Software | 5.3 | Medium | 2020-10-21

Vulnerabilities classified as CWE-203 (Information Exposure Through Discrepancy) represent 130 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.