CWE-204
AllowedObservable Response Discrepancy
Abstraction: Base · Status: Incomplete
The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
298 vulnerabilities reference this CWE, most recent first.
CVE-2019-25338 (GCVE-0-2019-25338)
Vulnerability from cvelistv5 – Published: 2026-02-12 22:48 – Updated: 2026-03-05 01:26- CWE-204 - Observable Response Discrepancy
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/47731 | exploit |
| https://www.dokuwiki.org/dokuwiki | product |
| https://download.dokuwiki.org/ | product |
| https://www.vulncheck.com/advisories/dokuwiki-b-u… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25338",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-13T17:05:31.795130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T17:05:43.384Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Dokuwiki",
"vendor": "Dokuwiki",
"versions": [
{
"status": "affected",
"version": "2018-04-22b \"Greebo\""
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dokuwiki:dokuwiki:2023-04-04:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Talha \u015eEN"
}
],
"datePublic": "2019-12-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "DokuWiki 2018-04-22b contains a username enumeration vulnerability in its password reset functionality that allows attackers to identify valid user accounts. Attackers can submit different usernames to the password reset endpoint and distinguish between existing and non-existing accounts by analyzing the server\u0027s error response messages."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-05T01:26:11.309Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-47731",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/47731"
},
{
"name": "DokuWiki Official Homepage",
"tags": [
"product"
],
"url": "https://www.dokuwiki.org/dokuwiki"
},
{
"name": "DokuWiki Download Page",
"tags": [
"product"
],
"url": "https://download.dokuwiki.org/"
},
{
"name": "VulnCheck Advisory: Dokuwiki 2018-04-22b - Username Enumeration",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/dokuwiki-b-username-enumeration"
}
],
"title": "Dokuwiki 2018-04-22b - Username Enumeration",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25338",
"datePublished": "2026-02-12T22:48:46.640Z",
"dateReserved": "2026-02-12T14:48:29.868Z",
"dateUpdated": "2026-03-05T01:26:11.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-25350 (GCVE-0-2018-25350)
Vulnerability from cvelistv5 – Published: 2026-05-23 18:30 – Updated: 2026-05-26 13:27- CWE-204 - Observable Response Discrepancy
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/44872 | exploit |
| https://www.vulncheck.com/advisories/userspice-us… | third-party-advisory |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-25350",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T13:27:49.380963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T13:27:55.786Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "userSpice",
"vendor": "UserSpice",
"versions": [
{
"status": "affected",
"version": "4.3.24"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dolev Farhi"
}
],
"datePublic": "2018-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. Attackers can submit usernames and analyze response text for the \u0027taken\u0027 string to identify existing accounts in the system."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T18:30:51.228Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-44872",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/44872"
},
{
"name": "VulnCheck Advisory: userSpice 4.3.24 Username Enumeration via existingUsernameCheck.php",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/userspice-username-enumeration-via-existingusernamecheck-php"
}
],
"title": "userSpice 4.3.24 Username Enumeration via existingUsernameCheck.php",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2018-25350",
"datePublished": "2026-05-23T18:30:51.228Z",
"dateReserved": "2026-05-23T15:34:00.756Z",
"dateUpdated": "2026-05-26T13:27:55.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-9499 (GCVE-0-2016-9499)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-06 02:50| URL | Tags |
|---|---|
| https://www.qualys.com/2016/12/06/qsa-2016-12-06/… | x_refsource_MISC |
| https://www.securityfocus.com/bid/96154 | vdb-entryx_refsource_BID |
| https://www.kb.cert.org/vuls/id/745607 | third-party-advisoryx_refsource_CERT-VN |
| Vendor | Product | Version | |
|---|---|---|---|
| Accellion | FTP Server |
Affected:
FTA_9_12_220 , < FTA_9_12_220
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:38.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2016/12/06/qsa-2016-12-06/qsa-2016-12-06.pdf"
},
{
"name": "96154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/96154"
},
{
"name": "VU#745607",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/745607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FTP Server",
"vendor": "Accellion",
"versions": [
{
"lessThan": "FTA_9_12_220",
"status": "affected",
"version": "FTA_9_12_220",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Ashish Kamble for reporting this vulnerability."
}
],
"datePublic": "2017-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-13T19:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2016/12/06/qsa-2016-12-06/qsa-2016-12-06.pdf"
},
{
"name": "96154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/96154"
},
{
"name": "VU#745607",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/745607"
}
],
"solutions": [
{
"lang": "en",
"value": "Both issues have been addressed in the most recent version FTA_9_12_220, released on 31 January 2017. Previously, CVE-2016-9500 was addressed in FTA_9_12_160 released on 29 November 2016."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting.",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-9499",
"STATE": "PUBLIC",
"TITLE": "The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FTP Server",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "FTA_9_12_220",
"version_value": "FTA_9_12_220"
}
]
}
}
]
},
"vendor_name": "Accellion"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Ashish Kamble for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-204"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualys.com/2016/12/06/qsa-2016-12-06/qsa-2016-12-06.pdf",
"refsource": "MISC",
"url": "https://www.qualys.com/2016/12/06/qsa-2016-12-06/qsa-2016-12-06.pdf"
},
{
"name": "96154",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/96154"
},
{
"name": "VU#745607",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/745607"
}
]
},
"solution": [
{
"lang": "en",
"value": "Both issues have been addressed in the most recent version FTA_9_12_220, released on 31 January 2017. Previously, CVE-2016-9500 was addressed in FTA_9_12_160 released on 29 November 2016."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-9499",
"datePublished": "2018-07-13T20:00:00.000Z",
"dateReserved": "2016-11-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:50:38.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-256Q-HX8W-XCQX
Vulnerability from github – Published: 2025-04-10 20:12 – Updated: 2025-04-10 20:12Impact
User enumeration is possible by performing a timing attack on the login or password reset pages with user credentials.
This was originally disclosed in https://www.silverstripe.org/download/security-releases/ss-2017-005/ for CMS 3 but was not patched in CMS 4+
References
- https://www.silverstripe.org/download/security-releases/ss-2017-005
- https://www.silverstripe.org/download/security-releases/ss-2025-001
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "silverstripe/framework"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "5.3.23"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-204"
],
"github_reviewed": true,
"github_reviewed_at": "2025-04-10T20:12:55Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Impact\nUser enumeration is possible by performing a timing attack on the login or password reset pages with user credentials.\n\nThis was originally disclosed in https://www.silverstripe.org/download/security-releases/ss-2017-005/ for CMS 3 but was not patched in CMS 4+\n\n### References\n\n- https://www.silverstripe.org/download/security-releases/ss-2017-005\n- https://www.silverstripe.org/download/security-releases/ss-2025-001",
"id": "GHSA-256q-hx8w-xcqx",
"modified": "2025-04-10T20:12:55Z",
"published": "2025-04-10T20:12:55Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-256q-hx8w-xcqx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12849"
},
{
"type": "WEB",
"url": "https://github.com/silverstripe/silverstripe-framework/pull/11681"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/silverstripe/framework/SS-2025-001.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/silverstripe/silverstripe-framework"
},
{
"type": "WEB",
"url": "https://www.silverstripe.org/download/security-releases/ss-2017-005"
},
{
"type": "WEB",
"url": "https://www.silverstripe.org/download/security-releases/ss-2025-001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Silverstripe Framework user enumeration via timing attack on login and password reset forms"
}
GHSA-258M-GGV2-XXV3
Vulnerability from github – Published: 2023-05-22 21:30 – Updated: 2024-04-04 04:16When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of devices can be enumerated in an attack and the OvrC cloud will disclose their information.
{
"affected": [],
"aliases": [
"CVE-2023-28412"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-05-22T20:15:10Z",
"severity": "MODERATE"
},
"details": "\n\n\n\n\n\n\n\n\nWhen supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of devices can be enumerated in an attack and the OvrC cloud will disclose their information.\n\n\n\n\n\n\n\n\n\n\n\n\n",
"id": "GHSA-258m-ggv2-xxv3",
"modified": "2024-04-04T04:16:44Z",
"published": "2023-05-22T21:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28412"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-01"
},
{
"type": "WEB",
"url": "https://www.control4.com/docs/product/ovrc-software/release-notes/english/latest/ovrc-software-release-notes-rev-r.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-26XJ-R8R2-VVGX
Vulnerability from github – Published: 2025-06-12 15:31 – Updated: 2025-06-12 15:31For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.
{
"affected": [],
"aliases": [
"CVE-2025-49187"
],
"database_specific": {
"cwe_ids": [
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-12T14:15:31Z",
"severity": "MODERATE"
},
"details": "For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This allows an attacker to guess usernames until they find an existing one.",
"id": "GHSA-26xj-r8r2-vvgx",
"modified": "2025-06-12T15:31:23Z",
"published": "2025-06-12T15:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49187"
},
{
"type": "WEB",
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"type": "WEB",
"url": "https://sick.com/psirt"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"type": "WEB",
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json"
},
{
"type": "WEB",
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2FFW-H4MH-JJH5
Vulnerability from github – Published: 2025-11-18 15:30 – Updated: 2025-11-20 15:30Windu CMS is vulnerable to User Enumeration. This issue occurs during logon, where a difference in messages could allow an attacker to determine if the login is valid or not, enabling a brute force attack with valid logins.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 4.1 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
{
"affected": [],
"aliases": [
"CVE-2025-59116"
],
"database_specific": {
"cwe_ids": [
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-18T15:16:34Z",
"severity": "MODERATE"
},
"details": "Windu CMS is vulnerable to User Enumeration. This issue occurs during logon, where a difference in messages could allow an attacker to determine if the login is valid or not, enabling a brute force attack with valid logins.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 4.1 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.",
"id": "GHSA-2ffw-h4mh-jjh5",
"modified": "2025-11-20T15:30:20Z",
"published": "2025-11-18T15:30:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59116"
},
{
"type": "WEB",
"url": "https://cert.pl/posts/2025/11/CVE-2025-59110"
},
{
"type": "WEB",
"url": "https://windu.org"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-2M7M-JHX5-8CRH
Vulnerability from github – Published: 2024-05-04 15:30 – Updated: 2024-05-04 15:30IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.
{
"affected": [],
"aliases": [
"CVE-2023-27283"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-04T14:16:01Z",
"severity": "MODERATE"
},
"details": "IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.",
"id": "GHSA-2m7m-jhx5-8crh",
"modified": "2024-05-04T15:30:31Z",
"published": "2024-05-04T15:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27283"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248545"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7150191"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-2PW7-5GJQ-98F6
Vulnerability from github – Published: 2025-10-23 18:31 – Updated: 2025-10-23 18:31Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.
{
"affected": [],
"aliases": [
"CVE-2025-34155"
],
"database_specific": {
"cwe_ids": [
"CWE-204"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-23T17:15:36Z",
"severity": "MODERATE"
},
"details": "Tibbo AggreGate Network Manager \u003c 6.40.05 contains an observable response discrepancy in its login functionality. Authentication failure messages differ based on whether a supplied username exists or not, allowing an unauthenticated remote attacker to infer valid account identifiers. This can facilitate user enumeration and increase the likelihood of targeted brute-force or credential-stuffing attacks.",
"id": "GHSA-2pw7-5gjq-98f6",
"modified": "2025-10-23T18:31:15Z",
"published": "2025-10-23T18:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34155"
},
{
"type": "WEB",
"url": "https://aggregate.digital/downloads.html"
},
{
"type": "WEB",
"url": "https://aggregate.digital/products/network-manager.html"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/tibbo-aggregate-network-manager-login-functionality-user-enumeration"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-347X-877P-HCWX
Vulnerability from github – Published: 2020-05-13 22:19 – Updated: 2024-12-03 21:36In TYPO3 CMS 10.4.0 through 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts.
This has been fixed in 10.4.2.
References
- https://typo3.org/security/advisory/typo3-core-sa-2020-001
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "typo3/cms-core"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.4.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "typo3/cms"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-11063"
],
"database_specific": {
"cwe_ids": [
"CWE-203",
"CWE-204"
],
"github_reviewed": true,
"github_reviewed_at": "2020-05-13T22:16:54Z",
"nvd_published_at": "2020-05-13T23:15:11Z",
"severity": "LOW"
},
"details": "In TYPO3 CMS 10.4.0 through 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts.\n\nThis has been fixed in 10.4.2.\n\n### References\n* https://typo3.org/security/advisory/typo3-core-sa-2020-001",
"id": "GHSA-347x-877p-hcwx",
"modified": "2024-12-03T21:36:01Z",
"published": "2020-05-13T22:19:21Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/TYPO3/TYPO3.CMS/security/advisories/GHSA-347x-877p-hcwx"
},
{
"type": "WEB",
"url": "https://github.com/TYPO3/typo3/security/advisories/GHSA-347x-877p-hcwx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11063"
},
{
"type": "WEB",
"url": "https://github.com/TYPO3/typo3/commit/14929b98ecda0ce67329b0f25ca7c01ee85df574"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms-core/CVE-2020-11063.yaml"
},
{
"type": "WEB",
"url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/CVE-2020-11063.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/TYPO3/typo3"
},
{
"type": "WEB",
"url": "https://typo3.org/security/advisory/typo3-core-sa-2020-001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Information Disclosure in Password Reset"
}
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
Mitigation MIT-39
- Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
- If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
- Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
CAPEC-331: ICMP IP Total Length Field Probe
An adversary sends a UDP packet to a closed port on the target machine to solicit an IP Header's total length field value within the echoed 'Port Unreachable" error message. This type of behavior is useful for building a signature-base of operating system responses, particularly when error messages contain other types of information that is useful identifying specific operating system responses.
CAPEC-332: ICMP IP 'ID' Field Error Message Probe
An adversary sends a UDP datagram having an assigned value to its internet identification field (ID) to a closed port on a target to observe the manner in which this bit is echoed back in the ICMP error message. This allows the attacker to construct a fingerprint of specific OS behaviors.
CAPEC-541: Application Fingerprinting
An adversary engages in fingerprinting activities to determine the type or version of an application installed on a remote target.
CAPEC-580: System Footprinting
An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will rely on remote applications that can be probed for system configurations.