CWE-178: Improper Handling of Case Sensitivity
low-riskThe product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.
Abstraction: Base
Common Consequences
Access Control
→
Bypass Protection Mechanism
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2021-24347 | 8.8 | 80.6% | — |
| CVE-2021-24347 | 8.8 | 80.6% | — |
| CVE-2018-9845 | 9.8 | 60.2% | — |
| CVE-2020-12812 | 9.8 | 48.5% | Y |
| CVE-2025-27636 | 5.6 | 47.8% | — |
| CVE-2022-22968 | 5.3 | 20.5% | — |
| CVE-2021-28323 | 6.5 | 16.6% | — |
| CVE-2007-3365 | 7.5 | 14.2% | — |
| CVE-2001-0766 | 9.8 | 11.4% | — |
| CVE-2003-0411 | 7.5 | 9.3% | — |
19
/ 100
low-risk
Active Threat
14/50 · Low
Exploit Availability
5/50 · Minimal