Variant · Incomplete

CWE-187: Partial String Comparison

Category: other

Description

The product performs a comparison that only examines a portion of a factor before determining whether there is a match, such as a substring, leading to resultant weaknesses. For example, an attacker might succeed in authentication by providing a small password that matches the associated portion of the larger, correct password.

Common consequences· 1

  • Integrity / Access Control — Alter Execution Logic, Bypass Protection Mechanism

Potential mitigations· 1

  • [Testing] Thoroughly test the comparison scheme before deploying code into production. Perform positive testing as well as negative testing.
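The weakness from the description and the negative testing called for above, as an added example that is not part of the CWE entry. The stored password, function names and test inputs are constructed for illustration, and comparing plaintext passwords is a simplification to keep the focus on the comparison itself.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample secret, used only by this example. */
static const char STORED_PASSWORD[] = "correct-horse-battery";

/* Weak: the compared length comes from the supplied value, so any prefix
 * of the stored password (including the empty string) is a match. */
bool check_password_partial(const char *supplied)
{
    return strncmp(supplied, STORED_PASSWORD, strlen(supplied)) == 0;
}

/* Hardened: lengths must be equal, then every byte is compared with no
 * early exit on the first difference. */
bool check_password_full(const char *supplied)
{
    size_t n = strlen(supplied);
    if (n != sizeof(STORED_PASSWORD) - 1)
        return false;
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)(supplied[i] ^ STORED_PASSWORD[i]);
    return diff == 0;
}

/* Negative cases: empty, prefixes, over-long value, wrong case. */
static const char *const MUST_REJECT[] = {
    "", "c", "correct", "correct-horse-battery-staple", "Correct-horse-battery"
};

/* Counts how many negative cases a checker wrongly accepts. */
size_t count_false_accepts(bool (*check)(const char *))
{
    size_t accepted = 0;
    for (size_t i = 0; i < sizeof(MUST_REJECT) / sizeof(MUST_REJECT[0]); i++)
        if (check(MUST_REJECT[i]))
            accepted++;
    return accepted;
}

int main(void)
{
    printf("partial: %zu false accepts\n", count_false_accepts(check_password_partial));
    printf("full:    %zu false accepts\n", count_false_accepts(check_password_full));
    return 0;
}
```

Both checkers pass the positive test with the exact password, so only the negative cases expose the partial comparison.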

References

  1. https://cwe.mitre.org/data/definitions/187.html

(incoming) · 1

Type | Target | Confidence | Tier
Vulnerability | CVE-2026-35031 | 0% | live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Incorrect Comparison Logic Granularity
  • CWE: Use of Password Hash Instead of Password for Authentication
  • CWE: Incorrect Comparison
  • CWE: Incorrect Regular Expression
  • CWE: Use of Password Hash With Insufficient Computational Effort
  • CWE: Use of Wrong Operator in String Comparison

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.