CWE-1288: Improper Validation of Consistency within Input

Base Incomplete Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent.

常见后果

影响范围: Other

技术影响: Varies by Context

潜在缓解措施

阶段: Implementation

策略: Input Validation

有效性: High

观察示例

参考: CVE-2018-16733

product does not validate that the start block appears before the end block

参考: CVE-2006-3790

size field that is inconsistent with packet size leads to buffer over-read

参考: CVE-2008-4114

system crash with offset value that is inconsistent with packet size

引入模式

阶段 说明
Implementation -

适用平台

编程语言
Not Language-Specific (Often)
关键信息

CWE ID: CWE-1288

抽象级别: Base

结构: Simple

状态: Incomplete

相关弱点
ChildOf CWE-20

Improper Input Validation

Class
返回列表