CWE-372 - Incomplete Internal State Distinction

Description

The software does not properly determine which state it is in, causing it to assume it is in state X when in fact it is in state Y, causing it to perform incorrect operations in a security-relevant manner.

Latest vulnerabilities for CWE-372

Denial of service in Junos OS SRX 4600 and SRX 5000 series routers 2023-07-14
Medium Yes

Multiple vulnerabilities in ABB SPIET800 and PNI800 2022-04-08
Medium Yes

References

Description of CWE-372 on Mitre website