CWE-783β€”Operator Precedence Logic Error

PUBLISHEDweakness recordLow
released 2009-07-27 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-783
Abstraction:
Base
Structure:
Simple
Status:
Draft
Release Date:
2009-07-27
Latest Modification Date:
2025-12-11

Weakness Name

Operator Precedence Logic Error

Description

The product uses an expression in which operator precedence causes incorrect logic to be used.

While often just a bug, operator precedence logic errors can have serious consequences if they are used in security-critical code, such as making an authentication decision.

Common Consequences

Scope:
Confidentiality, Integrity, Availability
Impact:
Varies by Context, Unexpected State
Notes:
The consequences will vary based on the context surrounding the incorrect precedence. In a security decision, integrity or confidentiality are the most likely results. Otherwise, a crash may occur due to the software reaching an unexpected state.

Related Weaknesses