CWE-1288 - Improper Validation of Consistency within Input
CWE-1288
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Improper Validation of Consistency within Input
- Description
The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.
Some input data can be structured with multiple elements or fields that must be consistent with each other, e.g. a number-of-items field that is followed by the expected number of elements. When such complex inputs are inconsistent, attackers could trigger unexpected errors, cause incorrect actions to take place, or exploit latent vulnerabilities.
- Common Consequences
Scope: Other
Impact: Varies by Context
- Related Weaknesses
- Release Date:
- 2020-02-24
- Latest Modification Date:
- 2023-06-29
Free security scan for your website