CWE-413 - Improper Resource Locking
- Abstraction:Base
- Structure:Simple
- Status:Draft
- Release Date:2006-07-19
- Latest Modification Date:2023-10-26
Weakness Name
Improper Resource Locking
Description
The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.
When a resource is not properly locked, an attacker could modify the resource while it is being operated on by the product. This might violate the product's assumption that the resource will not change, potentially leading to unexpected behaviors.
Common Consequences
Scope: Integrity, Availability
Impact: Modify Application Data, DoS: Instability, DoS: Crash, Exit, or Restart