CWE-1023 - Incomplete Comparison with Missing Factors
- Abstraction:
- Class
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Incomplete Comparison with Missing Factors
- Description
The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.
An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.
- Common Consequences
Scope: Integrity, Access Control
Impact: Alter Execution Logic, Bypass Protection Mechanism
- Related Weaknesses
- Release Date:
- 2018-03-29
- Latest Modification Date:
- 2023-10-26
![⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]](/images/thumbnail/images/2025/01/27/5fd1da6ebd0cf2e246fbb02d9d7013dd_450x0.png)
Free online web security scanner