CWE-1254: Incorrect Comparison Logic Granularity
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product's comparison logic is performed over a series of steps rather than across the entire string in one operation. If there is a comparison logic failure on one of these steps, the operation may be vulnerable to a timing attack that can result in the interception of the process for nefarious purposes.
常见后果
影响范围: Confidentiality Authorization
技术影响: Bypass Protection Mechanism
潜在缓解措施
阶段: Implementation
观察示例
参考: CVE-2019-10482
Smartphone OS uses comparison functions that are not in constant time, allowing side channels
参考: CVE-2019-10071
Java-oriented framework compares HMAC signatures using String.equals() instead of a constant-time algorithm, causing timing discrepancies
参考: CVE-2014-0984
Password-checking function in router terminates validation of a password entry when it encounters the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack.
引入模式
| 阶段 | 说明 |
|---|---|
| Architecture and Design | - |
| Implementation | - |