logo

CWE-1023 - Incomplete Comparison with Missing Factors

CWE-1023

  • Abstraction:
  • Class
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Incomplete Comparison with Missing Factors

Description

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.

Common Consequences

Scope: Integrity, Access Control

Impact: Alter Execution Logic, Bypass Protection Mechanism

Related Weaknesses
  • Release Date:
  • 2018-03-29
  • Latest Modification Date:
  • 2023-10-26

Free security scan for your website