CWE-1254
Incorrect Comparison Logic Granularity
The product's comparison logic is performed over a series of steps rather than across the entire string in one operation. If there is a comparison logic failure on one of these steps, the operation may be vulnerable to a timing attack that can result in the interception of the process for nefarious purposes.
Official CWE-1254 definition at MITREImpactr finds and proves weaknesses like CWE-1254 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist