CWE-208 (Information Exposure Through Timing Discrepancy) — Vulnerability Class 103

103 vulnerabilities classified as CWE-208 (Information Exposure Through Timing Discrepancy). AI Chinese analysis included.

CWE-208 represents an information leakage weakness where an application’s response time varies based on internal state, inadvertently revealing sensitive data to external observers. Attackers typically exploit this by measuring the duration of operations, such as login attempts or database queries, to infer the existence of valid usernames or correct password characters. By analyzing these subtle timing differences, adversaries can bypass authentication mechanisms or extract confidential information without direct access. To mitigate this risk, developers must ensure that all security-critical operations take a constant amount of time, regardless of the outcome. This involves implementing uniform error handling, using constant-time comparison algorithms for secrets, and avoiding early returns that expose processing stages. By standardizing execution duration, applications prevent attackers from leveraging timing discrepancies to gain unauthorized insights into system states or credentials.

MITRE CWE Description
Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not. In security-relevant contexts, even small variations in timing can be exploited by attackers to indirectly infer certain details about the product's internal operations. For example, in some cryptographic algorithms, attackers can use timing differences to infer certain properties about a private key, making the key easier to guess. Timing discrepancies effectively form a timing side channel.
Common Consequences (1)
Scope: Confidentiality, Access Control · Impact: Read Application Data, Bypass Protection Mechanism
Examples (2)
Consider an example hardware module that checks a user-provided password to grant access to a user. The user-provided password is compared against a golden value in a byte-by-byte manner.
    always_ff @(posedge clk) begin
        check_pass = 4'b0;
        for (int i = 0; i < 4; i++) begin
            // Compare byte i of the entered password with the golden value
            if (entered_pass[i*8 +: 8] == golden_pass[i*8 +: 8]) begin
                check_pass[i] = 1'b1;
                continue;
            end else begin
                check_pass[i] = 1'b0;
                break;  // mismatch: stop at the first wrong byte
            end
        end
        grant_access = (check_pass == 4'b1111) ? 1'b1 : 1'b0;
    end
Bad · Verilog
    always_ff @(posedge clk) begin
        check_pass = 4'b0;
        for (int i = 0; i < 4; i++) begin
            // Compare byte i of the entered password with the golden value
            if (entered_pass[i*8 +: 8] == golden_pass[i*8 +: 8]) begin
                check_pass[i] = 1'b1;
                continue;
            end else begin
                check_pass[i] = 1'b0;
                continue;  // mismatch: keep checking the remaining bytes
            end
        end
        grant_access = (check_pass == 4'b1111) ? 1'b1 : 1'b0;
    end
Good · Verilog
In this example, the attacker observes how long an authentication takes when the user types in the correct password.
    def validate_password(actual_pw, typed_pw):
        # A length mismatch returns immediately
        if len(actual_pw) != len(typed_pw):
            return 0
        for i in range(len(actual_pw)):
            # Returns at the first mismatching character
            if actual_pw[i] != typed_pw[i]:
                return 0
        return 1
Bad · Python
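The early-return comparison above next to a fixed-work counterpart, as an added example (not part of the original page or of MITRE's entry); comparison counts stand in for response time so the leak shows up deterministically. `SECRET`, `GUESSES` and every function name except `validate_password` are illustrative, and hashing both inputs before comparing is an assumed design choice.

```python
import hashlib
import hmac

SECRET = "hunter2!"  # constructed sample secret for this demo


def leaky_compare(actual_pw, typed_pw):
    """The page's 'Bad' logic, instrumented to count character comparisons."""
    steps = 0
    if len(actual_pw) != len(typed_pw):
        return False, steps  # length mismatch: no per-character work at all
    for a, b in zip(actual_pw, typed_pw):
        steps += 1
        if a != b:
            return False, steps  # early return: work tracks the matching prefix
    return True, steps


def fixed_work_compare(actual_pw, typed_pw):
    """Same check without an early return; every input costs the same work."""
    # Hash first: both operands become 32 bytes, which also hides the length.
    a = hashlib.sha256(actual_pw.encode()).digest()
    b = hashlib.sha256(typed_pw.encode()).digest()
    diff, steps = 0, 0
    for x, y in zip(a, b):
        diff |= x ^ y  # accumulate differences, never branch on them
        steps += 1
    return diff == 0, steps


def validate_password(actual_pw, typed_pw):
    """Form to deploy: hmac.compare_digest performs the constant-time compare."""
    a = hashlib.sha256(actual_pw.encode()).digest()
    b = hashlib.sha256(typed_pw.encode()).digest()
    return hmac.compare_digest(a, b)


def work_profile(compare, guesses):
    """Comparison count per guess, a deterministic stand-in for response time."""
    return [compare(SECRET, g)[1] for g in guesses]


# Constructed guesses: wrong length, then 0, 3 and 7 correct leading characters, then exact.
GUESSES = ["x", "XXXXXXXX", "hunXXXXX", "hunter2X", "hunter2!"]

if __name__ == "__main__":
    print("leaky:", work_profile(leaky_compare, GUESSES))
    print("fixed:", work_profile(fixed_work_compare, GUESSES))
```

A pure-Python loop is not constant-time at the instruction level, which is why `validate_password` delegates the comparison to `hmac.compare_digest`; `fixed_work_compare` exists only to make the structure visible.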
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-35165 | Dell BSAFE Micro Edition Suite security vulnerability — Dell BSAFE Crypto-C Micro Edition | 5.1 | Medium | 2024-05-22 |
| CVE-2024-2467 | Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack) | 5.9 | Medium | 2024-04-25 |
| CVE-2024-3296 | Rust-openssl: timing based side-channel can lead to a bleichenbacher style attack | 5.9 | Medium | 2024-04-04 |
| CVE-2023-41313 | Apache Doris: Timing Attack weakness — Apache Doris | 5.9 (AI) | Medium (AI) | 2024-03-12 |
| CVE-2024-0202 | Cryptlib: rsa key exchange ciphersuites in tls vulnerable to marvin attack | 5.9 | Medium | 2024-02-05 |
| CVE-2021-21575 | Dell BSAFE Micro Edition Suite security vulnerability — BSAFE Micro Edition Suite | 5.9 | Medium | 2024-02-02 |
| CVE-2024-21671 | vantage6 username timing attack — vantage6 | 3.7 | Low | 2024-01-30 |
| CVE-2023-41097 | Potential Timing vulnerability in CBC PKCS7 padding calculations — GSDK | 4.6 | Medium | 2023-12-21 |
| CVE-2023-5981 | Gnutls: timing side-channel in the rsa-psk authentication — Red Hat Enterprise Linux 8 | 5.9 | Medium | 2023-11-28 |
| CVE-2022-25332 | SK_LOAD timing side channel during AES module decryption in Texas Instruments OMAP L138 — OMAP | 4.4 | Medium | 2023-10-19 |
| CVE-2023-25529 | NVIDIA DGX security vulnerability — DGX H100 BMC | 8.0 | High | 2023-09-20 |
| CVE-2023-40182 | silverware-io-issue-tracker server responds in a noticeably different amount of time depending if a given email address exists or not — silverwaregames-io-issue-tracker | 3.7 | Low | 2023-08-25 |
| CVE-2023-25000 | Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations — Vault | 5.0 | Medium | 2023-03-30 |
| CVE-2023-1538 | Observable Timing Discrepancy in answerdev/answer — answerdev/answer | 8.2 | - | 2023-03-21 |
| CVE-2023-25806 | Time discrepancy in authentication responses in OpenSearch — security | 5.3 | - | 2023-03-02 |
| CVE-2010-10006 | michaelliao jopenid OpenIdManager.java getAuthentication timing discrepancy — jopenid | 2.6 | Low | 2023-01-17 |
| CVE-2022-42288 | NVIDIA BMC security vulnerability — NVIDIA DGX servers | 5.3 | Medium | 2023-01-13 |
| CVE-2016-15015 | viafintech Barzahlen Payment Module PHP SDK Webhook.php verify timing discrepancy — Barzahlen Payment Module PHP SDK | 2.6 | Low | 2023-01-08 |
| CVE-2014-125056 | Pylons horus services.py timing discrepancy — horus | 2.6 | Low | 2023-01-07 |
| CVE-2014-125055 | agnivade easy-scrypt scrypt.go VerifyPassphrase timing discrepancy — easy-scrypt | 2.6 | Low | 2023-01-07 |
| CVE-2013-10006 | Ziftr primecoin bitcoinrpc.cpp HTTPAuthorized timing discrepancy — primecoin | 2.6 | Low | 2023-01-01 |
| CVE-2022-4823 | InSTEDD Nuntium geopoll_controller.rb timing discrepancy — Nuntium | 3.1 | Low | 2022-12-28 |
| CVE-2021-4294 | OpenShift OSIN CheckClientSecret timing discrepancy — OSIN | 2.6 | Low | 2022-12-28 |
| CVE-2022-39308 | GoCD API authentication of user access tokens subject to timing attack during comparison — gocd | 6.5 | Medium | 2022-10-14 |
| CVE-2022-31142 | Potential Timing Attack Vector in @fastify/bearer-auth — fastify-bearer-auth | 7.5 | High | 2022-07-14 |
| CVE-2022-20752 | Cisco Unified Communications Products Timing Attack Vulnerability — Cisco Unified Communications Manager | 5.3 | Medium | 2022-07-06 |
| CVE-2022-29185 | Observable Timing Discrepancy in totp-rs — totp-rs | 4.2 | Medium | 2022-05-20 |
| CVE-2021-42016 | Siemens RUGGEDCOM security vulnerability — RUGGEDCOM i800 | 7.5 | High | 2022-03-08 |
| CVE-2021-43298 | Embedthis Software GoAhead security vulnerability — goahead | 9.1 | - | 2022-01-25 |
| CVE-2021-26318 | Side-channels Related to the x86 PREFETCH Instruction — All supported processors | 4.7 | - | 2021-10-13 |

Vulnerabilities classified as CWE-208 (Information Exposure Through Timing Discrepancy) represent 103 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.