CWE-770β€”Allocation of Resources Without Limits or Throttling

PUBLISHEDweakness recordHigh
released 2009-05-27 Β· last modified 2025-12-11
CWE-770 - Allocation of Resources Without Limits or Throttling - Diagram

Metadata

CWE ID:
CWE-770
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2009-05-27
Latest Modification Date:
2025-12-11

Weakness Name

Allocation of Resources Without Limits or Throttling

Description

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Common Consequences

Scope:
Availability
Impact:
DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Resource Consumption (Other)
Notes:
When allocating resources without limits, an attacker could prevent other systems, applications, or processes from accessing the same type of resource. It can be easy for an attacker to consume many resources by rapidly making many requests or causing larger resources to be used than is needed.

Related Weaknesses