Primary

Context

DivvyDrive Web Observable Timing Discrepancy Vulnerability Allowing Cross-Domain Search Timing

Vulnerability

A timing discrepancy vulnerability has been identified in DivvyDrive Web, specifically in versions 4.8.2.2 prior to 4.8.2.15. This vulnerability allows for cross-domain search timing attacks, where an attacker could potentially exploit the timing of responses to infer information across different domains.

Impact

Exploitation of this vulnerability could enable cross-domain search timing attacks, allowing attackers to infer information based on the timing of responses.

Remediation

Users are advised to upgrade to version 4.8.2.15 or later.

Added: Sep 24, 2025, 9:17 AM

Updated: Sep 24, 2025, 9:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.0

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.0

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DivvyDrive Web Observable Timing Discrepancy Vulnerability Allowing Cross-Domain Search Timing

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating