logo

CWE-410 - Insufficient Resource Pool

CWE-410

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Insufficient Resource Pool

Description

The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.

Frequently the consequence is a "flood" of connection or sessions.

Common Consequences

Scope: Availability, Integrity, Other

Impact: DoS: Crash, Exit, or Restart, Other

Notes: Floods often cause a crash or other problem besides denial of the resource itself; these are likely examples of *other* vulnerabilities, not an insufficient resource pool.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website