logo
Home/CWEs/CWE-408/

CWE-408 - Incorrect Behavior Order: Early Amplification

  • Abstraction:Base
  • Structure:Simple
  • Status:Draft
  • Release Date:2006-07-19
  • Latest Modification Date:2024-02-29

Weakness Name

Incorrect Behavior Order: Early Amplification

Description

The product allows an entity to perform a legitimate but expensive operation before authentication or authorization has taken place.

Common Consequences

Scope: Availability

Impact: DoS: Amplification, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)

Notes: System resources, CPU and memory, can be quickly consumed. This can lead to poor system performance or system crash.

Related Weaknesses

CWE-405Asymmetric Resource Consumption (Amplification)

CWE-696Incorrect Behavior Order