Pillar · Draft

CWE-664: Improper Control of a Resource Through its Lifetime

Category: logic

Description

The product does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

Common consequences · 1

  • Other — Other

Related CAPEC attack patterns · 5

CAPEC-196, CAPEC-21, CAPEC-60, CAPEC-61, CAPEC-62

References

  1. https://cwe.mitre.org/data/definitions/664.html

Exploits (incoming) · 5

Type | Target | Confidence | Tier
AttackPattern | Reusing Session IDs (aka Session Replay) (capec-60) | 100% | live
AttackPattern | Session Credential Falsification through Forging (capec-196) | 100% | live
AttackPattern | Exploitation of Trusted Identifiers (capec-21) | 100% | live
AttackPattern | Cross Site Request Forgery (capec-62) | 100% | live
AttackPattern | Session Fixation (capec-61) | 100% | live

(incoming) · 2

Type | Target | Confidence | Tier
Vulnerability | CVE-2026-8517 (cve-2026-8517) | 0% | live
KEVEntry | Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability (kev-cve-2022-27518) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE — Missing Release of Resource after Effective Lifetime
  • CWE — Operation on a Resource after Expiration or Release
  • CWE — Uncontrolled Resource Consumption
  • CWE — Improper Ownership Management
  • CWE — Improper Resource Shutdown or Release
  • CWE — Premature Release of Resource During Expected Lifetime

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.