CWE-203
AllowedObservable Discrepancy
Abstraction: Base · Status: Incomplete
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
836 vulnerabilities reference this CWE, most recent first.
GHSA-C6WG-CM5X-RQVJ
Vulnerability from github – Published: 2023-03-07 17:38 – Updated: 2023-03-07 17:38Impact
There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs.
Patches
OpenSearch 1.3.9 and 2.6.0
Workarounds
None.
References
If you have any questions or comments about this advisory, please contact AWS/Amazon Security using our issue reporting page [1] or directly via email [2]. Please do not create a public GitHub issue.
[1] AWS Security issue reporting page: https://aws.amazon.com/security/vulnerability-reporting/ [2] AWS Security email: aws-security@amazon.com
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.opensearch.plugin:opensearch-security"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.opensearch.plugin:opensearch-security"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-25806"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-208"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-07T17:38:38Z",
"nvd_published_at": "2023-03-02T04:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThere is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs.\n\n### Patches\nOpenSearch 1.3.9 and 2.6.0\n\n### Workarounds\nNone.\n\n### References\nIf you have any questions or comments about this advisory, please contact AWS/Amazon Security using our issue reporting page [1] or directly via email [2]. Please do not create a public GitHub issue.\n\n[1] AWS Security issue reporting page: https://aws.amazon.com/security/vulnerability-reporting/\n[2] AWS Security email: [aws-security@amazon.com](mailto:aws-security@amazon.com)",
"id": "GHSA-c6wg-cm5x-rqvj",
"modified": "2023-03-07T17:38:38Z",
"published": "2023-03-07T17:38:38Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/opensearch-project/security/security/advisories/GHSA-c6wg-cm5x-rqvj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25806"
},
{
"type": "WEB",
"url": "https://github.com/opensearch-project/security/pull/2472"
},
{
"type": "PACKAGE",
"url": "https://github.com/opensearch-project/security"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "OpenSearch has time discrepancy in authentication responses"
}
GHSA-C6XH-PW62-QH2J
Vulnerability from github – Published: 2022-05-24 17:00 – Updated: 2024-04-04 02:37On Archos Safe-T devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data.
{
"affected": [],
"aliases": [
"CVE-2019-14358"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-02T17:15:00Z",
"severity": "MODERATE"
},
"details": "On Archos Safe-T devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device\u0027s USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data.",
"id": "GHSA-c6xh-pw62-qh2j",
"modified": "2024-04-04T02:37:42Z",
"published": "2022-05-24T17:00:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14358"
},
{
"type": "WEB",
"url": "https://blog.inhq.net/posts/oled-side-channel-status-summary"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C76G-76CJ-G742
Vulnerability from github – Published: 2022-05-24 16:57 – Updated: 2024-04-04 02:08Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.
{
"affected": [],
"aliases": [
"CVE-2019-15809"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-03T14:15:00Z",
"severity": "MODERATE"
},
"details": "Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.",
"id": "GHSA-c76g-76cj-g742",
"modified": "2024-04-04T02:08:25Z",
"published": "2022-05-24T16:57:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15809"
},
{
"type": "WEB",
"url": "https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA\u0026number=214"
},
{
"type": "WEB",
"url": "https://eprint.iacr.org/2011/232.pdf"
},
{
"type": "WEB",
"url": "https://minerva.crocs.fi.muni.cz"
},
{
"type": "WEB",
"url": "https://tches.iacr.org/index.php/TCHES/article/view/7337"
},
{
"type": "WEB",
"url": "https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/10/02/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7RP-5PRQ-C624
Vulnerability from github – Published: 2024-02-02 18:30 – Updated: 2024-02-09 21:30Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
{
"affected": [],
"aliases": [
"CVE-2021-21575"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-208"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-02T16:15:45Z",
"severity": "MODERATE"
},
"details": "\nDell BSAFE Micro Edition Suite,\u00a0versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.\n\n",
"id": "GHSA-c7rp-5prq-c624",
"modified": "2024-02-09T21:30:57Z",
"published": "2024-02-02T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21575"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000189462/dsa-2021-131-dell-bsafetm-micro-edition-suite-multiple-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-C7VV-QR7X-G477
Vulnerability from github – Published: 2022-04-29 03:01 – Updated: 2022-04-29 03:01The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks.
{
"affected": [],
"aliases": [
"CVE-2004-2252"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2004-12-31T05:00:00Z",
"severity": "MODERATE"
},
"details": "The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks.",
"id": "GHSA-c7vv-qr7x-g477",
"modified": "2022-04-29T03:01:05Z",
"published": "2022-04-29T03:01:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2004-2252"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17960"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/13089"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1012065"
},
{
"type": "WEB",
"url": "http://www.astaro.org/showflat.php?Cat=\u0026Number=51459\u0026page=0\u0026view=collapsed\u0026sb=5\u0026o=\u0026fpart=1#51459"
},
{
"type": "WEB",
"url": "http://www.osvdb.org/11407"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-CF4Q-V7MM-G53Q
Vulnerability from github – Published: 2024-09-03 21:31 – Updated: 2024-09-12 21:32Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.
{
"affected": [],
"aliases": [
"CVE-2024-45678"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-03T20:15:08Z",
"severity": "MODERATE"
},
"details": "Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.",
"id": "GHSA-cf4q-v7mm-g53q",
"modified": "2024-09-12T21:32:01Z",
"published": "2024-09-03T21:31:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45678"
},
{
"type": "WEB",
"url": "https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=41434500"
},
{
"type": "WEB",
"url": "https://ninjalab.io/eucleak"
},
{
"type": "WEB",
"url": "https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf"
},
{
"type": "WEB",
"url": "https://support.yubico.com/hc/en-us/articles/15705749884444"
},
{
"type": "WEB",
"url": "https://www.yubico.com/support/security-advisories/ysa-2024-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CG5M-P8PG-93CG
Vulnerability from github – Published: 2024-02-26 18:30 – Updated: 2025-03-27 12:30Theoretically, it would be possible for an attacker to brute-force the password for an instance in single-user password protection mode via a timing attack given the linear nature of the !== used for comparison.
The risk is minified by the additional overhead of the request, which varies in a non-constant nature making the attack less reliable to execute
{
"affected": [],
"aliases": [
"CVE-2024-0436"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-764"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-26T16:27:50Z",
"severity": "HIGH"
},
"details": "Theoretically, it would be possible for an attacker to brute-force the password for an instance in single-user password protection mode via a timing attack given the linear nature of the `!==` used for comparison.\n\nThe risk is minified by the additional overhead of the request, which varies in a non-constant nature making the attack less reliable to execute",
"id": "GHSA-cg5m-p8pg-93cg",
"modified": "2025-03-27T12:30:34Z",
"published": "2024-02-26T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0436"
},
{
"type": "WEB",
"url": "https://github.com/mintplex-labs/anything-llm/commit/3c859ba3038121b67fb98e87dc52617fa27cbef0"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/3e73cb96-c038-46a1-81b7-4d2215b36268"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CJ89-CWCX-M929
Vulnerability from github – Published: 2022-11-21 09:30 – Updated: 2022-11-30 15:30A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tls_new_ciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument pad_len leads to information exposure through discrepancy. The name of the patch is 186306d6199096b7a7c4b4574d4be8cdb8426729. It is recommended to apply a patch to fix this issue. VDB-214054 is the identifier assigned to this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-4087"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-21T07:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in iPXE. It has been declared as problematic. This vulnerability affects the function tls_new_ciphertext of the file src/net/tls.c of the component TLS. The manipulation of the argument pad_len leads to information exposure through discrepancy. The name of the patch is 186306d6199096b7a7c4b4574d4be8cdb8426729. It is recommended to apply a patch to fix this issue. VDB-214054 is the identifier assigned to this vulnerability.",
"id": "GHSA-cj89-cwcx-m929",
"modified": "2022-11-30T15:30:26Z",
"published": "2022-11-21T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4087"
},
{
"type": "WEB",
"url": "https://github.com/ipxe/ipxe/commit/186306d6199096b7a7c4b4574d4be8cdb8426729"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.214054"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CJP5-P4X3-X7JG
Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2024-01-04 03:30An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation, aka 'Windows ARM Information Disclosure Vulnerability'.
{
"affected": [],
"aliases": [
"CVE-2020-1459"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-08-17T19:15:00Z",
"severity": "LOW"
},
"details": "An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka \u0026quot;straight-line speculation, aka \u0027Windows ARM Information Disclosure Vulnerability\u0027.",
"id": "GHSA-cjp5-p4x3-x7jg",
"modified": "2024-01-04T03:30:32Z",
"published": "2022-05-24T17:25:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1459"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1459"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CM2Q-67XF-JW8C
Vulnerability from github – Published: 2022-05-24 17:30 – Updated: 2023-02-20 18:30During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
{
"affected": [],
"aliases": [
"CVE-2020-12401"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-327"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-10-08T14:15:00Z",
"severity": "MODERATE"
},
"details": "During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox \u003c 80 and Firefox for Android \u003c 80.",
"id": "GHSA-cm2q-67xf-jw8c",
"modified": "2023-02-20T18:30:17Z",
"published": "2022-05-24T17:30:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12401"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1631573"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-36"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-39"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
- Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
- If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
- Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-189: Black Box Reverse Engineering
An adversary discovers the structure, function, and composition of a type of computer software through black box analysis techniques. 'Black Box' methods involve interacting with the software indirectly, in the absence of direct access to the executable object. Such analysis typically involves interacting with the software at the boundaries of where the software interfaces with a larger execution environment, such as input-output vectors, libraries, or APIs. Black Box Reverse Engineering also refers to gathering physical side effects of a hardware device, such as electromagnetic radiation or sounds.