Improper Validation of Integrity Check Value

This vulnerability occurs when an application fails to properly validate integrity check values such as checksums, hashes, or message authentication values before processing data. As a result, modified, corrupted, or maliciously tampered data may be accepted as legitimate. Attackers may exploit this weakness to inject unauthorized content, bypass integrity protections, or manipulate communications between systems.

Remediation Recommendation

Ensure all integrity check values are validated against independently calculated values before processing or trusting incoming data. Implement checksum or cryptographic integrity verification according to the relevant protocol or specification, and reject any data that fails validation checks.

Metadata

Severity: high
Slug: improper-validation-of-integrity-check-value

CWEs

354: Improper Validation of Integrity Check Value

Available Labs

Select a language to explore available labs for this vulnerability.

1 Lab

C Labs

C 1 lab

Explore 1 lab in C.

No matching labs found

Try adjusting your language filter.

Play AppSec WarGames

Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.

For Companies Play Now

Got a comment?

Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.