CWE-697

PillarIncomplete

View on MITRE

Incorrect Comparison

The product compares two entities in a security-relevant context, but the comparison is incorrect.

48 linked vulnerabilities

Extended Description

the comparison checks one factor incorrectly;
the comparison should consider multiple factors, but it does not check at least one of those factors at all;
the comparison checks the wrong factor.

OtherVaries by Context

When the comparison is incorrect, it may lead to resultant weaknesses.

Automated Static Analysis

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

Modes of Introduction

Implementation

Example CVEs (3)

CVE-2021-3116

Chain: Python-based HTTP Proxy server uses the wrong boolean operators (CWE-480) causing an incorrect comparison (CWE-697) that identifies an authN failure if all three conditions are met instead of only one, allowing bypass of the proxy authentication (CWE-1390)

CVE-2020-15811

Chain: Proxy uses a substring search instead of parsing the Transfer-Encoding header (CWE-697), allowing request splitting (CWE-113) and cache poisoning

CVE-2016-10003

Proxy performs incorrect comparison of request headers, leading to infoleak

External Links

MITRE CWE Database