logo

CWE-672 - Operation on a Resource after Expiration or Release

CWE-672

  • Abstraction:
  • Class
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Operation on a Resource after Expiration or Release

Description

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

Common Consequences

Scope: Integrity, Confidentiality

Impact: Modify Application Data, Read Application Data

Notes: If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.

Scope: Other, Availability

Impact: Other, DoS: Crash, Exit, or Restart

Notes: When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.

Related Weaknesses
CWE-666
  • Release Date:
  • 2008-04-11
  • Latest Modification Date:
  • 2023-10-26