diff --git a/java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql b/java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql
index 5fac4f2c6c9..287a3f07a6c 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql
@@ -74,7 +74,7 @@ private class EncryptedBlobClientBuilderSafeEncryptionVersionConfig extends Data
  */
 predicate isCreatingSafeAzureClientSideEncryptionObject(Call call, Class c, Expr versionArg) {
   isCreatingAzureClientSideEncryptionObjectNewVersion(call, c, versionArg) and
-  exists(EncryptedBlobClientBuilderEncryptionVersionConfig config, DataFlow::Node sink |
+  exists(EncryptedBlobClientBuilderSafeEncryptionVersionConfig config, DataFlow::Node sink |
     sink.asExpr() = versionArg
   |
     config.hasFlow(_, sink)