CWE-1072βData Resource Access without Use of Connection Pooling
PUBLISHEDweakness record
released 2019-01-03 Β· last modified 2025-12-11
Metadata
- CWE ID:
- CWE-1072
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Release Date:
- 2019-01-03
- Latest Modification Date:
- 2025-12-11
Weakness Name
Data Resource Access without Use of Connection Pooling
Description
The product accesses a data resource through a database without using a connection pooling capability.
Common Consequences
- Scope:
- Other
- Impact:
- Reduce Performance
- Notes:
- This issue can make the product perform more slowly, as connection pools allow connections to be reused without the overhead and time consumption of opening and closing a new connection. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.