logo

CWE-1288 - Improper Validation of Consistency within Input

CWE-1288

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Improper Validation of Consistency within Input

Description

The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.

Some input data can be structured with multiple elements or fields that must be consistent with each other, e.g. a number-of-items field that is followed by the expected number of elements. When such complex inputs are inconsistent, attackers could trigger unexpected errors, cause incorrect actions to take place, or exploit latent vulnerabilities.

Common Consequences

Scope: Other

Impact: Varies by Context

Related Weaknesses
  • Release Date:
  • 2020-02-24
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website