CWE-1097: Persistent Storable Data Element without Associated Comparison Control Element

Description

The product uses a storable data element that does not have all of the associated functions or methods that are necessary to support comparison.

Extended Description

For example, with Java, a class that is made persistent requires both hashCode() and equals() methods to be defined. This issue can prevent the product from running reliably, due to incorrect or unexpected comparison results. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

ThreatScore

Threat Mapped score: 0.0

Industry: Finiancial

Threat priority: Unclassified

Observed Examples (CVEs)

No observed examples available.

Related Attack Patterns (CAPEC)

N/A

Attack TTPs

N/A

Modes of Introduction

Phase	Note
None listed.

Common Consequences

Impact: Reduce Reliability — Notes:

Potential Mitigations

None listed.

Applicable Platforms

None listed.

Demonstrative Examples

N/A

Notes

No notes available.

← Back to CWE list