CWE-672βOperation on a Resource after Expiration or Release
PUBLISHEDweakness record
released 2008-04-11 Β· last modified 2025-12-11
Metadata
- CWE ID:
- CWE-672
- Abstraction:
- Class
- Structure:
- Simple
- Status:
- Draft
- Release Date:
- 2008-04-11
- Latest Modification Date:
- 2025-12-11
Weakness Name
Operation on a Resource after Expiration or Release
Description
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
Common Consequences
- Scope:
- Integrity, Confidentiality
- Impact:
- Modify Application Data, Read Application Data
- Notes:
- If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.
- Scope:
- Other, Availability
- Impact:
- Other, DoS: Crash, Exit, or Restart
- Notes:
- When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.