CWE-351 – Insufficient Type Distinction

Read Time:26 Second

Description

The software does not properly distinguish between different types of elements in a way that leads to insecure behavior.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-345
CWE-436

 

Consequences

Other: Other

 

Potential Mitigations

CVE References

  • CVE-2005-2260
    • Browser user interface does not distinguish between user-initiated and synthetic events.
  • CVE-2005-2801
    • Product does not compare all required data in two separate elements, causing it to think they are the same, leading to loss of ACLs. Similar to Same Name error.