CWE-351: Insufficient Type Distinction

Description

The product does not properly distinguish between different types of elements in a way that leads to insecure behavior.

Extended Description

N/A

ThreatScore

Threat Mapped score: 0.0

Industry: Finiancial

Threat priority: Unclassified

Observed Examples (CVEs)

CVE: CVE-2005-2260

Browser user interface does not distinguish between user-initiated and synthetic events.
CVE: CVE-2005-2801

Product does not compare all required data in two separate elements, causing it to think they are the same, leading to loss of ACLs. Similar to Same Name error.

Related Attack Patterns (CAPEC)

N/A

Attack TTPs

N/A

Modes of Introduction

Phase	Note
Implementation	N/A

Common Consequences

Impact: Other — Notes:

Potential Mitigations

None listed.

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

N/A

Notes

Relationship: Overlaps others, e.g. Multiple Interpretation Errors.

← Back to CWE list