CWE-1023

Incomplete Comparison with Missing Factors

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

Status: incomplete
Abstraction: class

An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.

Common Consequences

integrity, access control
Impacts
alter execution logic, bypass protection mechanism

Potential Mitigations

Phases:
testing
Descriptions:
• Thoroughly test the comparison scheme before deploying code into production. Perform positive testing as well as negative testing.
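
An added example, not part of the CWE entry: a comparison that omits one required factor next to the complete form, with a check that runs the positive test and one negative test per factor as the mitigation above describes. The `Grant` type, its fields, the function names and the sample values are hypothetical.

```python
from dataclasses import dataclass, fields, replace


# Hypothetical entity: an access grant identified by three factors.
@dataclass(frozen=True)
class Grant:
    tenant: str
    user: str
    role: str


def same_grant_incomplete(a: Grant, b: Grant) -> bool:
    """Weak form: compares user and role but leaves out the tenant factor."""
    return a.user == b.user and a.role == b.role


def same_grant_complete(a: Grant, b: Grant) -> bool:
    """Complete form: every identifying factor takes part in the comparison."""
    return (a.tenant, a.user, a.role) == (b.tenant, b.user, b.role)


def missing_factors(compare, sample: Grant) -> list:
    """Return the names of the factors that `compare` ignores.

    Positive test: an identical copy must compare equal.
    Negative tests: changing any single factor must make the comparison fail.
    """
    if not compare(sample, replace(sample)):
        raise AssertionError("positive test failed: identical entities differ")
    ignored = []
    for f in fields(sample):
        # Change exactly one factor and keep the others as they are.
        mutated = replace(sample, **{f.name: getattr(sample, f.name) + "-x"})
        if compare(sample, mutated):
            ignored.append(f.name)
    return ignored


if __name__ == "__main__":
    sample = Grant("acme", "alice", "admin")  # constructed sample values
    print("incomplete comparison ignores:", missing_factors(same_grant_incomplete, sample))
    print("complete comparison ignores:", missing_factors(same_grant_complete, sample))
```

Positive tests alone pass for both functions; only the per-factor negative tests show that the weak form treats grants from different tenants as the same object.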