logo

CWE-783 - Operator Precedence Logic Error

CWE-783 Low

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Operator Precedence Logic Error

Description

The product uses an expression in which operator precedence causes incorrect logic to be used.

While often just a bug, operator precedence logic errors can have serious consequences if they are used in security-critical code, such as making an authentication decision.

Common Consequences

Scope: Confidentiality, Integrity, Availability

Impact: Varies by Context, Unexpected State

Notes: The consequences will vary based on the context surrounding the incorrect precedence. In a security decision, integrity or confidentiality are the most likely results. Otherwise, a crash may occur due to the software reaching an unexpected state.

Related Weaknesses
  • Release Date:
  • 2009-07-27
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website