CVEbaza.plCWE DictionaryCWE-203
Common Weakness Enumeration

CWE-203

Observable Discrepancy

Category: BaseCVE: 854
Description

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

CVE vulnerabilities with CWE-203 (854)
9.8
CVSS
CRITICAL
CVE-2025-27667

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Administrative User Email Enumeration OVE-20230524-0011.

pub. 2025-03-05
9.8
CVSS
CRITICAL
CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. (The fix uses gnutls_memcmp, which has constant-time execution.)

pub. 2024-02-11
9.8
CVSS
CRITICAL
CVE-2024-25189

libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel.

pub. 2024-02-08
9.8
CVSS
CRITICAL
CVE-2024-25190

l8w8jwt 2.2.1 uses memcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel.

pub. 2024-02-08
9.8
CVSS
CRITICAL
CVE-2024-25191

php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel.

pub. 2024-02-08
9.8
CVSS
CRITICAL
CVE-2024-23771

darkhttpd before 1.15 uses strcmp (which is not constant time) to verify authentication, which makes it easier for remote attackers to bypass authentication via a timing side channel.

pub. 2024-01-22
9.8
CVSS
CRITICAL
CVE-2023-40756

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

pub. 2023-08-28
9.8
CVSS
CRITICAL
CVE-2022-23303

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.

pub. 2022-01-17
9.8
CVSS
CRITICAL
CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.

pub. 2022-01-17
9.8
CVSS
CRITICAL
CVE-2019-10071

The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their payload. The comparison should be done with a constant time algorithm instead.

pub. 2019-09-16
9.8
CVSS
CRITICAL
CVE-2018-1000884

Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determine password reset codes, attacker is able to change administrator password. This attack appear to be exploitable via Unauthenticated network connectivity. This vulnerability appears to have been fixed in After commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- release version 0.9.8-19.

pub. 2018-12-20
9.1
CVSS
CRITICAL
CVE-2025-10890

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

pub. 2025-09-24
9.1
CVSS
CRITICAL
CVE-2023-26556

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time (there is an if statement in a loop). One leak is in ecdsa/keygen/round_2.go. (bnb-chain/tss-lib and thorchain/tss are also affected.)

pub. 2023-04-21
9.1
CVSS
CRITICAL
CVE-2022-40895

In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote attacker to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a difference in forgot password utility could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users. This affects NeDi 1.0.7 for OS X 1.0.7 <= and NeDi for Suse 1.0.7 <= and NeDi for FreeBSD 1.0.7 <=.

pub. 2022-10-06
9.0
CVSS
CRITICAL
CVE-2026-41588

RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue has been patched via commit 2f68e16.

pub. 2026-05-08
9.0
CVSS
CRITICAL
CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

pub. 2021-11-12
8.9
CVSS
HIGH
CVE-2026-23519

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi (Cortex M0, M0+ and M1) compiler emits non-constant time assembly when using cmovnz (portable version). This vulnerability is fixed in 0.4.4.

pub. 2026-01-15
8.7
CVSS
HIGH
CVE-2023-54357

Joomla com_booking component 2.4.9 contains an information disclosure vulnerability that allows unauthenticated attackers to enumerate user accounts by exploiting the getUserData function in the customer controller. Attackers can send GET requests to index.php with option=com_booking, controller=customer, task=getUserData, and an id parameter to retrieve user names, usernames, and email addresses through brute force enumeration.

pub. 2026-06-19
8.7
CVSS
HIGH
CVE-2025-40732

user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php

pub. 2025-06-30
8.6
CVSS
HIGH
CVE-2020-3509

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces

pub. 2020-09-24
Showing 20 of 854 vulnerabilities
Information
ID: CWE-203
Type: Base
Vulnerabilities: 854
MITRE CWE ↗
← CWE Dictionary