CWE-1072 - Data Resource Access without Use of Connection Pooling

CWE-1072

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Data Resource Access without Use of Connection Pooling

Description: The product accesses a data resource through a database without using a connection pooling capability.
This issue can make the product perform more slowly, as connection pools allow connections to be reused without the overhead and time consumption of opening and closing a new connection. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.

Common Consequences: Scope: Other
Impact: Reduce Performance

Related Weaknesses: CWE-405Asymmetric Resource Consumption (Amplification)

Release Date:
2019-01-03

Latest Modification Date:
2024-02-29

Free security scan for your website

Don't show website scan report rating on the leaderboard