CWE-672 - Operation on a Resource after Expiration or Release
- Abstraction:Class
- Structure:Simple
- Status:Draft
- Release Date:2008-04-11
- Latest Modification Date:2023-10-26
Weakness Name
Operation on a Resource after Expiration or Release
Description
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
Common Consequences
Scope: Integrity, Confidentiality
Impact: Modify Application Data, Read Application Data
Notes: If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.
Scope: Other, Availability
Impact: Other, DoS: Crash, Exit, or Restart
Notes: When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.