CWE-1023

Incomplete Comparison with Missing Factors

Class

Incomplete

Description

The product performs a comparison between entities that must consider multiple factors or characteristics of each entity, but the comparison does not include one or more of these factors.

Parent Weaknesses (ChildOf)

CWE-697: Incorrect Comparison...

Common Consequences

Scope

Integrity

Access Control

Impact

Alter Execution Logic, Bypass Protection Mechanism

CVE-2005-2782

PHP remote file inclusion in web application that filters "http" and "https" URLs, but not "ftp".

CVE-2014-6394

Product does not prevent access to restricted directories due to partial string comparison with a public directory

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-1023

Incomplete Comparison with Missing Factors

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms