Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-203 (通过差异性导致的信息暴露) — Vulnerability Class 130

130 vulnerabilities classified as CWE-203 (通过差异性导致的信息暴露). AI Chinese analysis included.

CWE-203, Observable Discrepancy, is a design weakness where a system’s behavior or responses vary noticeably based on specific conditions, revealing internal state information to unauthorized actors. Attackers typically exploit this by crafting inputs that trigger distinct error messages, timing delays, or response codes, allowing them to infer sensitive data such as user existence or system architecture through side-channel analysis. To mitigate this risk, developers must ensure consistent error handling and response formatting across all execution paths. This involves standardizing error messages, masking internal details, and implementing uniform response times regardless of the underlying cause. By abstracting internal logic and preventing information leakage through observable differences, organizations can significantly reduce the attack surface, ensuring that external interactions remain opaque and do not inadvertently aid adversaries in reconnaissance or exploitation efforts.

MITRE CWE Description
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
Common Consequences (2)
Confidentiality, Access ControlRead Application Data, Bypass Protection Mechanism
An attacker can gain access to sensitive information about the system, including authentication information that may allow an attacker to gain access to the system. Other security-relevant information about the operation or internal state of the product may be revealed to an unauthorized actor, such…
ConfidentialityRead Application Data
In some cases, discrepancies can be used by attackers to form a side channel. When cryptographic primitives are vulnerable to side-channel attacks, this could be used to reveal unencrypted plaintext in the worst case.
Mitigations (2)
Architecture and DesignCompartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area. Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separatio…
ImplementationEnsure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or…
Examples (2)
The following code checks validity of the supplied username and password and notifies the user of a successful or failed login.
my $username=param('username'); my $password=param('password'); if (IsValidUsername($username) == 1) { if (IsValidPassword($username, $password) == 1) { print "Login Successful"; } else { print "Login Failed - incorrect password"; } } else { print "Login Failed - unknown username"; }
Bad · Perl
"Login Failed - incorrect username or password"
Result
In this example, the attacker observes how long an authentication takes when the user types in the correct password.
def validate_password(actual_pw, typed_pw): if len(actual_pw) <> len(typed_pw): return 0 for i in len(actual_pw): if actual_pw[i] <> typed_pw[i]: return 0 return 1
Bad · Python
CVE IDTitleCVSSSeverityPublished
CVE-2020-1685 Junos OS: EX4600, QFX5K Series: Stateless firewall filter matching 'user-vlan-id' will cause incomplete discard action — Junos OS 5.8 Medium2020-10-16
CVE-2020-5143 SonicWall SonicOS SSLVPN NACagent 安全漏洞 — SonicOS 5.3 -2020-10-12
CVE-2020-15151 Observable Timing Discrepancy in OpenMage LTS — magento-lts 8.0 High2020-08-19
CVE-2018-16868 GnuTLS 加密问题漏洞 — gnutls 4.6 -2018-12-03
CVE-2018-16869 Nettle 加密问题漏洞 — nettle 5.7 -2018-12-03
CVE-2018-14597 CA Technologies Identity Governance和Identity Suite Virtual Appliance 安全漏洞 — CA Identity Governance 5.3 -2018-10-17
CVE-2018-10919 Samba 信息泄露漏洞 — samba 6.5 -2018-08-22
CVE-2017-13098 BouncyCastle JCE TLS Bleichenbacher/ROBOT — BouncyCastle TLS 5.9 -2017-12-13
CVE-2017-13099 wolfSSL Bleichenbacher/ROBOT — wolfSSL 5.9 -2017-12-13
CVE-2016-9129 Revive Adserver 信息泄露漏洞 — Revive Adserver All versions before 3.2.3 5.3 -2017-03-28

Vulnerabilities classified as CWE-203 (通过差异性导致的信息暴露) represent 130 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.