CWE-351: Insufficient Type Distinction
| Abstraction | Structure | Status |
|---|
| None | Simple | Draft |
Description
The product does not properly distinguish between different types of elements in a way that leads to insecure behavior.
| Nature | ID | View ID | Name |
|---|
| ChildOf | CWE-345 | 1000 | Insufficient Verification of Data Authenticity |
| PeerOf | CWE-436 | 1000 | Interpretation Conflict |
Modes of Introduction
Languages
Class: Not Language-Specific
Technologies
Common Consequences
| Scope | Impact | Note |
|---|
| Other | Other | |
Observed Examples
- CVE-2005-2260: Browser user interface does not distinguish between user-initiated and synthetic events.
- CVE-2005-2801: Product does not compare all required data in two separate elements, causing it to think they are the same, leading to loss of ACLs. Similar to Same Name error.