CWE-1023 - Incomplete Comparison with Missing Factors

CWE-1023

Abstraction:
Class

Structure:
Simple

Status:
Incomplete

Weakness Name: Incomplete Comparison with Missing Factors

Description: The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.
An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.

Common Consequences: Scope: Integrity, Access Control
Impact: Alter Execution Logic, Bypass Protection Mechanism

Related Weaknesses: CWE-697Incorrect Comparison

Release Date:
2018-03-29

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard