CWE-354: Improper Validation of Integrity Check Value
low-riskThe product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
Abstraction: Base
Common Consequences
Integrity
→
Modify Application Data
Integrity
→
Other
Non-Repudiation
→
Hide Activities
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2023-48795 | 5.9 | 56.7% | — |
| CVE-2023-48795 | 5.9 | 56.7% | — |
| CVE-2024-3596 | 9.0 | 15.3% | — |
| CVE-2019-1166 | 5.9 | 13.0% | — |
| CVE-2019-1163 | 5.5 | 2.2% | — |
| CVE-2019-1163 | 5.5 | 2.2% | — |
| CVE-2024-52550 | 8.0 | 1.4% | — |
| CVE-2023-38802 | 7.5 | 0.9% | — |
| CVE-2023-33668 | 9.8 | 0.9% | — |
| CVE-2023-34459 | 5.3 | 0.9% | — |
1
/ 100
low-risk
Active Threat
1/50 · Minimal
Exploit Availability
0/50 · Minimal