BaseIncomplete

CWE-694Use of Multiple Resources with Duplicate Identifier

Category: logic

Description

The product uses multiple resources that can have the same identifier, in a context in which unique identifiers are required. If the product assumes that each resource has a unique identifier, the product could operate on the wrong resource if attackers can cause multiple resources to be associated with the same identifier.

Common consequences· 2

  • Access Control — Bypass Protection Mechanism
    If unique identifiers are assumed when protecting sensitive resources, then duplicate identifiers might allow attackers to bypass the protection.
  • Other — Quality Degradation

Potential mitigations· 1

  • [Architecture and Design]Where possible, use unique identifiers. If non-unique identifiers are detected, then do not operate any resource with a non-unique identifier and report the error appropriately.

References

  1. https://cwe.mitre.org/data/definitions/694.html

(incoming)2

TypeTargetConfidenceTier
VulnerabilityCVE-2025-13609cve-2025-136090%live
VulnerabilityCVE-2025-59048cve-2025-590480%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Control of Resource Identifiers ('Resource Injection')
CWE
Generation of Predictable Numbers or Identifiers
CWE
Incorrect Synchronization
CWE
Exposure of Sensitive Information to an Unauthorized Actor
CWE
Creation of Emergent Resource
CWE
Weak Authentication
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.