CWE-1023β€”Incomplete Comparison with Missing Factors

PUBLISHEDweakness record
released 2018-03-29 Β· last modified 2026-04-30

Metadata

CWE ID:
CWE-1023
Abstraction:
Class
Structure:
Simple
Status:
Incomplete
Release Date:
2018-03-29
Latest Modification Date:
2026-04-30

Weakness Name

Incomplete Comparison with Missing Factors

Description

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

Common Consequences

Scope:
Integrity, Access Control
Impact:
Alter Execution Logic, Bypass Protection Mechanism
Notes:
An incomplete comparison can lead to resultant weaknesses, e.g., by operating on the wrong object or making a security decision without considering a required factor.

Related Weaknesses