CWE-203
Observable Discrepancy
Description
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-189
CVEs mapped to this weakness (224)
page 4 of 12| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-35698 | Med | 0.34 | 5.3 | 0.01 | Jul 10, 2023 | Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt. | ||
| CVE-2023-23449 | Med | 0.34 | 5.3 | 0.01 | May 15, 2023 | Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface. | ||
| CVE-2022-46392 | Med | 0.34 | 5.3 | 0.01 | Dec 15, 2022 | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim… | ||
| CVE-2018-1000119 | — | Med | 0.32 | 5.9 | 0.02 | Mar 7, 2018 | Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This… | |
| CVE-2016-0762 | Med | 0.32 | 5.9 | 0.08 | Aug 10, 2017 | The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid… | ||
| CVE-2024-30171 | Med | 0.31 | 5.9 | 0.01 | May 14, 2024 | An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing. | ||
| CVE-2020-10932 | Med | 0.31 | 4.7 | 0.00 | Apr 15, 2020 | An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by… | ||
| CVE-2018-0495 | Med | 0.31 | 4.7 | 0.01 | Jun 13, 2018 | Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden… | ||
| CVE-2019-14360 | Med | 0.30 | 4.6 | 0.00 | Nov 2, 2019 | On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in… | ||
| CVE-2020-10369 | Med | 0.29 | 5.5 | 0.00 | Nov 10, 2024 | Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow inferences about memory content via a "Spectra" attack. | ||
| CVE-2020-10367 | Med | 0.29 | 5.5 | 0.00 | Nov 10, 2024 | Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack. | ||
| CVE-2024-23170 | Med | 0.29 | 5.5 | 0.00 | Jan 31, 2024 | An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages… | ||
| CVE-2023-5872 | Med | 0.28 | 4.3 | 0.00 | Apr 16, 2026 | In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint. | ||
| CVE-2025-9031 | Med | 0.28 | 4.3 | 0.00 | Sep 24, 2025 | Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15. | ||
| CVE-2025-23182 | — | Med | 0.28 | 4.3 | 0.00 | May 22, 2025 | CWE-203: Observable Discrepancy | |
| CVE-2016-20012 | Med | 0.28 | 5.3 | 0.05 | Sep 15, 2021 | OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a… | ||
| CVE-2018-10919 | Med | 0.28 | 4.3 | 0.02 | Aug 22, 2018 | The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16,… | ||
| CVE-2026-45294 | Med | 0.27 | 5.3 | 0.00 | May 29, 2026 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted email address belongs to an existing user account, allowing unauthenticated… | ||
| CVE-2026-45410 | Med | 0.27 | 5.3 | 0.00 | May 28, 2026 | TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, the backend performed a bcrypt password… | ||
| CVE-2026-26895 | Med | 0.27 | 5.3 | 0.00 | Apr 2, 2026 | User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform. |
- risk 0.34cvss 5.3epss 0.01
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.
- risk 0.34cvss 5.3epss 0.01
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.
- risk 0.34cvss 5.3epss 0.01
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim…
- risk 0.32cvss 5.9epss 0.02
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This…
- risk 0.32cvss 5.9epss 0.08
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid…
- risk 0.31cvss 5.9epss 0.01
An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
- risk 0.31cvss 4.7epss 0.00
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by…
- risk 0.31cvss 4.7epss 0.01
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden…
- risk 0.30cvss 4.6epss 0.00
On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in…
- risk 0.29cvss 5.5epss 0.00
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow inferences about memory content via a "Spectra" attack.
- risk 0.29cvss 5.5epss 0.00
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack.
- risk 0.29cvss 5.5epss 0.00
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages…
- risk 0.28cvss 4.3epss 0.00
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint.
- risk 0.28cvss 4.3epss 0.00
Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15.
- risk 0.28cvss 4.3epss 0.00
CWE-203: Observable Discrepancy
- risk 0.28cvss 5.3epss 0.05
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a…
- risk 0.28cvss 4.3epss 0.02
The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16,…
- risk 0.27cvss 5.3epss 0.00
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted email address belongs to an existing user account, allowing unauthenticated…
- risk 0.27cvss 5.3epss 0.00
TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, the backend performed a bcrypt password…
- risk 0.27cvss 5.3epss 0.00
User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.