BaseIncomplete

CWE-1073Non-SQL Invokable Control Element with Excessive Number of Data Resource Accesses

Category: injection

Description

The product contains a client with a function or method that contains a large number of data accesses/queries that are sent through a data manager, i.e., does not use efficient database capabilities.

Common consequences· 1

  • Other — Reduce Performance
    This issue can make the product perform more slowly. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.

References

  1. https://cwe.mitre.org/data/definitions/1073.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Excessive Number of Inefficient Server-Side Data Accesses
CWE
Data Access Operations Outside of Expected Data Manager Component
CWE
Invokable Control Element with Excessive File or Data Access Operations
CWE
Excessive Execution of Sequential Searches of Data Resource
CWE
Excessive Data Query Operations in a Large Data Table
CWE
Data Access from Outside Expected Data Manager Component
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.