VYPR

CWE-203

Observable Discrepancy

BaseIncomplete

Description

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-189

CVEs mapped to this weakness (224)

page 10 of 12
  • CVE-2021-31406Apr 23, 2021
    risk 0.00cvss epss 0.00

    Non-constant-time comparison of CSRF tokens in endpoint request handler in com.vaadin:flow-server versions 3.0.0 through 5.0.3 (Vaadin 15.0.0 through 18.0.6), and com.vaadin:fusion-endpoint version 6.0.0 (Vaadin 19.0.0) allows attacker to guess a security token for Fusion…

  • CVE-2021-31404Apr 23, 2021
    risk 0.00cvss epss 0.00

    Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.13 (Vaadin 10.0.0 through 10.0.16), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.4.6 (Vaadin 14.0.0 through 14.4.6), 3.0.0 prior to 5.0.0…

  • CVE-2021-31403Apr 23, 2021
    risk 0.00cvss epss 0.00

    Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:vaadin-server versions 7.0.0 through 7.7.23 (Vaadin 7.0.0 through 7.7.23), and 8.0.0 through 8.12.2 (Vaadin 8.0.0 through 8.12.2) allows attacker to guess a security token via timing attack

  • CVE-2021-29446Apr 16, 2021
    risk 0.00cvss epss 0.01

    jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if…

  • CVE-2021-29445Apr 16, 2021
    risk 0.00cvss epss 0.01

    jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if…

  • CVE-2021-29444Apr 16, 2021
    risk 0.00cvss epss 0.01

    jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if…

  • CVE-2021-29443Apr 16, 2021
    risk 0.00cvss epss 0.01

    jose is an npm library providing a number of cryptographic operations. In vulnerable versions AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed…

  • CVE-2020-1926Mar 16, 2021
    risk 0.00cvss epss 0.02

    Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recovery of another users cookie signature. The issue was addressed in Apache Hive 2.3.8

  • CVE-2020-26939Nov 2, 2020
    risk 0.00cvss epss 0.01

    In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending…

  • CVE-2020-15237Oct 5, 2020
    risk 0.00cvss epss 0.01

    In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, using…

  • CVE-2020-15151Aug 19, 2020
    risk 0.00cvss epss 0.01

    OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the `fromkey protection` in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6…

  • CVE-2020-9690Jul 29, 2020
    risk 0.00cvss epss 0.02

    Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.

  • CVE-2020-9588Jun 26, 2020
    risk 0.00cvss epss 0.03

    Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.

  • CVE-2020-11063May 13, 2020
    risk 0.00cvss epss 0.01

    In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has…

  • CVE-2020-11576Apr 8, 2020
    risk 0.00cvss epss 0.02

    Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowed attackers to determine the usernames of valid (non-SSO) accounts because /api/v1/session returned 401 for an existing username and 404 otherwise.

  • CVE-2020-2102Jan 29, 2020
    risk 0.00cvss epss 0.01

    Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

  • CVE-2020-2101Jan 29, 2020
    risk 0.00cvss epss 0.01

    Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.

  • CVE-2014-9720Jan 24, 2020
    risk 0.00cvss epss 0.02

    Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.

  • CVE-2019-20399Jan 22, 2020
    risk 0.00cvss epss 0.01

    A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.

  • CVE-2019-16782Dec 18, 2019
    risk 0.00cvss epss 0.04

    There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually…