BaseIncomplete
CWE-178Improper Handling of Case Sensitivity
Category: other
Description
The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
Common consequences· 1
- Access Control — Bypass Protection Mechanism
Potential mitigations· 3
- [Architecture and Design]Avoid making decisions based on names of resources (e.g. files) if those resources can have alternate names.
- [Implementation]
- [Implementation]Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
References
(incoming)10
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-59944cve-2025-59944 | 0% | live |
| Vulnerability | CVE-2025-61593cve-2025-61593 | 0% | live |
| Vulnerability | CVE-2026-22665cve-2026-22665 | 0% | live |
| Vulnerability | CVE-2026-27587cve-2026-27587 | 0% | live |
| Vulnerability | CVE-2026-27588cve-2026-27588 | 0% | live |
| Vulnerability | CVE-2026-28292cve-2026-28292 | 0% | live |
| Vulnerability | CVE-2026-32939cve-2026-32939 | 0% | live |
| Vulnerability | CVE-2026-40453cve-2026-40453 | 0% | live |
| Vulnerability | CVE-2026-47323cve-2026-47323 | 0% | live |
| KEVEntry | Fortinet FortiOS SSL VPN Improper Authentication Vulnerabilitykev-cve-2020-12812 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.