CWE-413β€”Improper Resource Locking

PUBLISHEDweakness record
released 2006-07-19 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-413
Abstraction:
Base
Structure:
Simple
Status:
Draft
Release Date:
2006-07-19
Latest Modification Date:
2025-12-11

Weakness Name

Improper Resource Locking

Description

The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.

When a resource is not properly locked, an attacker could modify the resource while it is being operated on by the product. This might violate the product's assumption that the resource will not change, potentially leading to unexpected behaviors.

Common Consequences

Scope:
Integrity, Availability
Impact:
Modify Application Data, DoS: Instability, DoS: Crash, Exit, or Restart

Related Weaknesses