CWE-410 - Insufficient Resource Pool
CWE-410
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Insufficient Resource Pool
- Description
The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
Frequently the consequence is a "flood" of connection or sessions.
- Common Consequences
Scope: Availability, Integrity, Other
Impact: DoS: Crash, Exit, or Restart, Other
Notes: Floods often cause a crash or other problem besides denial of the resource itself; these are likely examples of *other* vulnerabilities, not an insufficient resource pool.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website