CWE-205: Observable Behavioral Discrepancy
moderate-riskThe product's behaviors indicate important differences that may be observed by unauthorized actors in a way that reveals (1) its internal state or decision process, or (2) differences from other products with equivalent functionality.
Abstraction: Base
Common Consequences
Confidentiality
→
Read Application Data
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2017-11155 | 7.5 | 29.5% | — |
| CVE-2024-6129 | 3.7 | 0.2% | — |
33
/ 100
moderate-risk
Active Threat
19/50 · Low
Exploit Availability
14/50 · Low