CWE-1097 - Persistent Storable Data Element without Associated Comparison Control Element
CWE-1097
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Persistent Storable Data Element without Associated Comparison Control Element
- Description
The product uses a storable data element that does not have all of the associated functions or methods that are necessary to support comparison.
For example, with Java, a class that is made persistent requires both hashCode() and equals() methods to be defined. This issue can prevent the product from running reliably, due to incorrect or unexpected comparison results. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.
- Common Consequences
Scope: Other
Impact: Reduce Reliability
- Related Weaknesses
- Release Date:
- 2019-01-03
- Latest Modification Date:
- 2024-02-29
Free security scan for your website