Base · Draft

CWE-408: Incorrect Behavior Order: Early Amplification

Category: other

Description

The product allows an entity to perform a legitimate but expensive operation before authentication or authorization has taken place.

Common consequences

  • Availability — DoS: Amplification, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)
    System resources, CPU and memory, can be quickly consumed. This can lead to poor system performance or system crash.
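
The ordering problem described above, shown as an added example that is not part of the CWE entry: one handler runs the costly step before checking the caller, the other checks first. The handler names, the demo key, the PBKDF2 stand-in for the expensive operation and the sample traffic are all constructed assumptions.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"   # constructed value for this example
expensive_calls = 0                # how many times the costly step ran

def expensive_report(query: str) -> str:
    """Stand-in for a legitimate but costly operation (hypothetical)."""
    global expensive_calls
    expensive_calls += 1
    return hashlib.pbkdf2_hmac("sha256", query.encode(), b"salt", 20_000).hex()

def token_for(user: str) -> str:
    return hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()

def authenticated(user: str, token: str) -> bool:
    # Cheap check: one HMAC and a constant-time comparison.
    return hmac.compare_digest(token_for(user), token)

def handle_early_amplification(user, token, query):
    # Weak ordering: the costly work runs before the caller is checked,
    # so every anonymous request costs the server a full computation.
    result = expensive_report(query)
    if not authenticated(user, token):
        return 401, None
    return 200, result

def handle_auth_first(user, token, query):
    # Corrected ordering: reject unauthenticated callers before spending
    # CPU or memory on their request.
    if not authenticated(user, token):
        return 401, None
    return 200, expensive_report(query)

def cost_of(handler, requests):
    """Return (status codes, number of expensive operations triggered)."""
    global expensive_calls
    expensive_calls = 0
    codes = [handler(*req)[0] for req in requests]
    return codes, expensive_calls

# Constructed traffic: 20 requests with an invalid token, 1 valid request.
SAMPLE = [("mallory", "0" * 64, f"q{i}") for i in range(20)]
SAMPLE.append(("alice", token_for("alice"), "q"))

if __name__ == "__main__":
    for handler in (handle_early_amplification, handle_auth_first):
        print(handler.__name__, cost_of(handler, SAMPLE)[1])
```

Both handlers return the same status codes for the same traffic; only the number of expensive operations differs, which is why the flaw is easy to miss in functional testing.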

References

  1. https://cwe.mitre.org/data/definitions/408.html

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Incorrect Behavior Order: Early Validation
  • CWE: Exposure of Resource to Wrong Sphere
  • CWE: Improper Authorization
  • CWE: Improper Access Control
  • CWE: Execution with Unnecessary Privileges
  • CWE: Incorrect Behavior Order: Validate Before Filter

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.