CWE-1023Incomplete Comparison with Missing Factors

Description

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

Common consequences

• Integrity,Access Control→Alter Execution Logic,Bypass Protection Mechanism
  An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.

Related CWEs

Recent CVEs classified under this CWE