BaseIncomplete

CWE-205Observable Behavioral Discrepancy

Category: other

Description

The product's behaviors indicate important differences that may be observed by unauthorized actors in a way that reveals (1) its internal state or decision process, or (2) differences from other products with equivalent functionality. Ideally, a product should provide as little information about its internal operations as possible. Otherwise, attackers could use knowledge of these internal operations to simplify or optimize their attack. In some cases, behavioral discrepancies can be used by attackers to form a side channel.

Common consequences· 1

  • Confidentiality / Access Control — Read Application Data, Bypass Protection Mechanism

Related CAPEC attack patterns· 2

CAPEC-541CAPEC-580

References

  1. https://cwe.mitre.org/data/definitions/205.html

Exploits (incoming)2

TypeTargetConfidenceTier
AttackPatternSystem Footprintingcapec-580100%live
AttackPatternApplication Fingerprintingcapec-541100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Observable Internal Behavioral Discrepancy
CWE
Observable Discrepancy
CWE
Observable Behavioral Discrepancy With Equivalent Products
CWE
Observable Timing Discrepancy
CWE
Observable Response Discrepancy
CWE
Incomplete Internal State Distinction
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.