CVEbaza.plSłownik CWECWE-208
Common Weakness Enumeration

CWE-208

Observable Timing Discrepancy

Kategoria: BaseCVE: 147
Opis

Dwie oddzielne operacje w produkcie wymagają różnych ilości czasu do wykonania w sposób obserwowany przez uczestnika, ujawniając informacje istotne dla bezpieczeństwa o stanie produktu, takie jak powodzenie lub niepowodzenie danej operacji. Takie rozbieżności czasowe mogą być wykorzystane do uzyskania wrażliwych informacji o systemie.

Description (EN)

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

Podatności CVE z CWE-208 (147)
9.8
CVSS
CRITICAL
CVE-2023-41313

Metoda uwierzytelniania w Apache Doris przed wersją 2.0.0 była podatna na ataki czasowe (timing attacks), umożliwiające zdalne odgadnięcie danych uwierzytelniających. Podatność uzyskała ocenę CVSS 9.8 (CRITICAL) i może prowadzić do pełnego przejęcia kontroli nad systemem.

pub. 2024-03-12
9.8
CVSS
CRITICAL
CVE-2021-43298

The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limiting. This means that an unauthenticated network attacker can brute-force the HTTP basic password, byte-by-byte, by recording the webserver's response time until the unauthorized (401) response.

pub. 2022-01-25
9.0
CVSS
CRITICAL
CVE-2026-41588

RELATE, webowy system zarządzania materiałami dydaktycznymi, zawiera podatność typu timing attack w module uwierzytelniania (course/auth.py). Luka umożliwia atakującemu zdalnemu odgadnięcie tajnego klucza logowania poprzez analizę czasu odpowiedzi serwera.

pub. 2026-05-08
8.9
CVSS
HIGH
CVE-2026-23519

RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumbv6m-none-eabi (Cortex M0, M0+ and M1) compiler emits non-constant time assembly when using cmovnz (portable version). This vulnerability is fixed in 0.4.4.

pub. 2026-01-15
8.7
CVSS
HIGH
CVE-2024-47178

basic-auth-connect is Connect's Basic Auth middleware in its own module. basic-auth-connect < 1.1.0 uses a timing-unsafe equality comparison that can leak timing information. This issue has been fixed in basic-auth-connect 1.1.0.

pub. 2024-09-30
8.6
CVSS
HIGH
CVE-2024-42512

Vulnerability in the OPC UA .NET Standard Stack before 1.5.374.158 allows an unauthorized attacker to bypass application authentication when the deprecated Basic128Rsa15 security policy is enabled.

pub. 2025-02-10
8.5
CVSS
HIGH
CVE-2025-53940

Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central server or running one's own. In versions 6.1.0-alpha.4 and below, Quiet's API for backend/frontend communication was using an insecure, not constant-time comparison function for token verification. This allowed for a potential timing attack where an attacker would try different token values and observe tiny differences in the response time (wrong characters fail faster) to guess the whole token one character at a time. This is fixed in version 6.0.1.

pub. 2025-07-24
8.2
CVSS
HIGH
CVE-2026-32935

phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50.

pub. 2026-03-20
8.2
CVSS
HIGH
CVE-2026-28464

OpenClaw versions prior to 2026.2.12 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network access to the hooks endpoint can exploit timing side-channels across multiple requests to gradually determine the authentication token.

pub. 2026-03-05
8.2
CVSS
HIGH
CVE-2026-3337

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.

pub. 2026-03-02
8.2
CVSS
HIGH
CVE-2024-31074

Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.

pub. 2024-11-13
8.1
CVSS
HIGH
CVE-2026-47783

In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass.

pub. 2026-05-20
8.1
CVSS
HIGH
CVE-2026-47784

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.

pub. 2026-05-20
8.1
CVSS
HIGH
CVE-2026-42602

azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party who holds a single valid Azure access token for any scope the collector's configured identity can mint for to authenticate to any OpenTelemetry receiver that uses auth: azure_auth. The extension's Authenticate method does not validate incoming bearer tokens as JWTs. Instead, it calls its own configured credential to obtain an access token and compares the client's token to the result with string equality — and the scope for that server-side token request is taken from the client-supplied Host header. As a result, a token minted for any Azure resource the service principal has ever been issued a token for (ARM, Graph, Key Vault, Storage, etc.) will authenticate to the collector if the attacker picks a matching Host. Tokens are replayable for the full issued lifetime (commonly several hours for managed identity tokens).

pub. 2026-05-13
8.1
CVSS
HIGH
CVE-2024-29995

Windows Kerberos Elevation of Privilege Vulnerability

pub. 2024-08-13
8.0
CVSS
HIGH
CVE-2023-25529

NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering.

pub. 2023-09-20
7.5
CVSS
HIGH
CVE-2026-47373

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.

pub. 2026-05-20
7.5
CVSS
HIGH
CVE-2026-40972

An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code execution in the remote application. Affected: Spring Boot 4.0.0–4.0.5 (fix 4.0.6), 3.5.0–3.5.13 (fix 3.5.14), 3.4.0–3.4.15 (fix 3.4.16), 3.3.0–3.3.18 (fix 3.3.19), 2.7.0–2.7.32 (fix 2.7.33); DevTools remote secret comparison. Versions that are no longer supported are also affected per vendor advisory.

pub. 2026-04-28
7.5
CVSS
HIGH
CVE-2026-5086

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password.

pub. 2026-04-13
7.5
CVSS
HIGH
CVE-2025-70949

An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers to access sensitive information via a timing side-channel.

pub. 2026-03-05
Pokazano 20 z 147 podatności
Informacje
ID: CWE-208
Typ: Base
Podatności: 147
MITRE CWE ↗
← Słownik CWE
CWE-208 — Obserwowalna Rozbieżność Czasowa | Słownik CWE | CVEbaza.pl