CWE · MITRE source
CWE-203: Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
Last updated: 04 July 2026 00:28 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: partial · 4 mapping(s) from 2 framework(s): ATT&CK 3 (partial) · CAPEC 1 (partial)
NIST 800-53 r5 controls that address this weakness (3) AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SC-30 | Concealment and Misdirection | SC | Misdirection can normalize or falsify responses to eliminate observable discrepancies that aid reconnaissance. |
| SC-31 | Covert Channel Analysis | SC | Observable discrepancies in system behavior can be modulated to create covert storage or timing channels; the required analysis detects and constrains such avenues. |
| SI-11 | Error Handling | SI | Prevents attackers from using observable differences in error responses to infer internal system details or state. |
MITRE ATT&CK techniques this weakness enables
Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.
Direction: ← other covers this; → this covers other (F/M/P = full / mostly / partial).
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2024-39891 KEV | 10.0 | 5.3 | 0.0148 | 2024-07-02 |
| CVE-2003-0190 | 8.0 | 0.0 | 0.7675 | 2003-05-12 |
| CVE-2017-5715 | 8.0 | 5.6 | 0.7404 | 2018-01-04 |
| CVE-2017-5753 | 8.0 | 5.6 | 0.9384 | 2018-01-04 |
| CVE-2018-3639 | 8.0 | 5.5 | 0.6063 | 2018-05-22 |
| CVE-2023-28770 | 8.0 | 7.5 | 0.5778 | 2023-04-27 |
| CVE-2018-1000884 | 7.0 | 9.8 | 0.0129 | 2018-12-20 |
| CVE-2019-10071 | 7.0 | 9.8 | 0.0875 | 2019-09-16 |
| CVE-2021-1924 | 7.0 | 9.0 | 0.0017 | 2021-11-12 |
| CVE-2022-23303 | 7.0 | 9.8 | 0.0294 | 2022-01-17 |
| CVE-2022-23304 | 7.0 | 9.8 | 0.0190 | 2022-01-17 |
| CVE-2022-40895 | 7.0 | 9.1 | 0.0153 | 2022-10-06 |
| CVE-2023-26556 | 7.0 | 9.1 | 0.0086 | 2023-04-21 |
| CVE-2023-40756 | 7.0 | 9.8 | 0.0075 | 2023-08-28 |
| CVE-2024-23771 UPD | 7.0 | 9.8 | 0.0106 | 2024-01-22 |
| CVE-2024-25189 UPD | 7.0 | 9.8 | 0.0095 | 2024-02-08 |
| CVE-2024-25190 UPD | 7.0 | 9.8 | 0.0090 | 2024-02-08 |
| CVE-2024-25191 UPD | 7.0 | 9.8 | 0.0089 | 2024-02-08 |
| CVE-2024-25714 UPD | 7.0 | 9.8 | 0.0081 | 2024-02-11 |
| CVE-2025-27667 | 7.0 | 9.8 | 0.0062 | 2025-03-05 |
| CVE-2025-10890 | 7.0 | 9.1 | 0.0029 | 2025-09-24 |
| CVE-2026-23519 | 7.0 | 9.8 | 0.0050 | 2026-01-15 |
| CVE-2019-25337 | 7.0 | 9.8 | 0.0041 | 2026-02-12 |
| CVE-2026-41588 UPD | 7.0 | 9.0 | 0.0036 | 2026-05-08 |
| CVE-2003-0078 | 6.0 | 0.0 | 0.1372 | 2003-03-03 |