CWE-1023βIncomplete Comparison with Missing Factors
PUBLISHEDweakness record
released 2018-03-29 Β· last modified 2026-04-30
Metadata
- CWE ID:
- CWE-1023
- Abstraction:
- Class
- Structure:
- Simple
- Status:
- Incomplete
- Release Date:
- 2018-03-29
- Latest Modification Date:
- 2026-04-30
Weakness Name
Incomplete Comparison with Missing Factors
Description
The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.
Common Consequences
- Scope:
- Integrity, Access Control
- Impact:
- Alter Execution Logic, Bypass Protection Mechanism
- Notes:
- An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.