VYPR

CWE-203

Observable Discrepancy

BaseIncomplete

Description

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-189

CVEs mapped to this weakness (224)

page 4 of 12
  • CVE-2023-35698MedJul 10, 2023
    risk 0.34cvss 5.3epss 0.01

    Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

  • CVE-2023-23449MedMay 15, 2023
    risk 0.34cvss 5.3epss 0.01

    Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.

  • CVE-2022-46392MedDec 15, 2022
    risk 0.34cvss 5.3epss 0.01

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim…

  • CVE-2018-1000119MedMar 7, 2018
    risk 0.32cvss 5.9epss 0.02

    Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This…

  • CVE-2016-0762MedAug 10, 2017
    risk 0.32cvss 5.9epss 0.08

    The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid…

  • CVE-2024-30171MedMay 14, 2024
    risk 0.31cvss 5.9epss 0.01

    An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

  • CVE-2020-10932MedApr 15, 2020
    risk 0.31cvss 4.7epss 0.00

    An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by…

  • CVE-2018-0495MedJun 13, 2018
    risk 0.31cvss 4.7epss 0.01

    Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden…

  • CVE-2019-14360MedNov 2, 2019
    risk 0.30cvss 4.6epss 0.00

    On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in…

  • CVE-2020-10369MedNov 10, 2024
    risk 0.29cvss 5.5epss 0.00

    Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow inferences about memory content via a "Spectra" attack.

  • CVE-2020-10367MedNov 10, 2024
    risk 0.29cvss 5.5epss 0.00

    Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack.

  • CVE-2024-23170MedJan 31, 2024
    risk 0.29cvss 5.5epss 0.00

    An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages…

  • CVE-2023-5872MedApr 16, 2026
    risk 0.28cvss 4.3epss 0.00

    In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint.

  • CVE-2025-9031MedSep 24, 2025
    risk 0.28cvss 4.3epss 0.00

    Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15.

  • CVE-2025-23182MedMay 22, 2025
    risk 0.28cvss 4.3epss 0.00

    CWE-203: Observable Discrepancy

  • CVE-2016-20012MedSep 15, 2021
    risk 0.28cvss 5.3epss 0.05

    OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a…

  • CVE-2018-10919MedAug 22, 2018
    risk 0.28cvss 4.3epss 0.02

    The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16,…

  • CVE-2026-45294MedMay 29, 2026
    risk 0.27cvss 5.3epss 0.00

    FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted email address belongs to an existing user account, allowing unauthenticated…

  • CVE-2026-45410MedMay 28, 2026
    risk 0.27cvss 5.3epss 0.00

    TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, the backend performed a bcrypt password…

  • CVE-2026-26895MedApr 2, 2026
    risk 0.27cvss 5.3epss 0.00

    User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.