CWE

Information Exposure Through Behavioral Discrepancy

ID: 205		Date: (C)2012-05-14   (M)2022-10-10
Type: weakness		Status: INCOMPLETE
Abstraction Type: Base

Description

The product's actions indicate important differences based on (1) the internal state of the product or (2) differences from other products in the same class.

Extended Description

For example, attacks such as OS fingerprinting rely heavily on both behavioral and response discrepancies.

Applicable Platforms
Language Class: All

Time Of Introduction

• Architecture and Design
• Implementation

Common Consequences

Scope	Technical Impact	Notes
Confidentiality Access_Control	Read application data Bypass protection mechanism

Detection Methods
None

Potential Mitigations

Phase	Strategy	Description	Effectiveness	Notes
		Compartmentalize your system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.

Relationships

Related CWE	Type	View	Chain
CWE-205 ChildOf CWE-895	Category	CWE-888

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

Taxynomy	Id	Name	Fit
PLOVER		Behavioral Discrepancy Infoleak
WASC	45	Fingerprinting

References:
None