CWE-413 - Improper Resource Locking

CWE-413

Abstraction:
Base

Structure:
Simple

Status:
Draft

Weakness Name: Improper Resource Locking

Description: The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.
When a resource is not properly locked, an attacker could modify the resource while it is being operated on by the product. This might violate the product's assumption that the resource will not change, potentially leading to unexpected behaviors.

Common Consequences: Scope: Integrity, Availability
Impact: Modify Application Data, DoS: Instability, DoS: Crash, Exit, or Restart

Related Weaknesses: CWE-667Improper Locking

Release Date:
2006-07-19

Latest Modification Date:
2023-10-26

Free security scan for your website

Don't show website scan report rating on the leaderboard