CWE-410 - Insufficient Resource Pool

CWE-410

Abstraction:
Base

Structure:
Simple

Status:
Incomplete

Weakness Name: Insufficient Resource Pool

Description: The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
Frequently the consequence is a "flood" of connection or sessions.

Common Consequences: Scope: Availability, Integrity, Other
Impact: DoS: Crash, Exit, or Restart, Other
Notes: Floods often cause a crash or other problem besides denial of the resource itself; these are likely examples of *other* vulnerabilities, not an insufficient resource pool.

Related Weaknesses

CWE-664Improper Control of a Resource Through its Lifetime

CWE-400Uncontrolled Resource ConsumptionHigh

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Free security scan for your website

Don't show website scan report rating on the leaderboard