CWE-672—Operation on a Resource after Expiration or Release
PUBLISHEDweakness record
released 2008-04-11 · last modified 2025-12-11
Metadata
- CWE ID:
- CWE-672
- 摘要:
- Class
- 结构:
- Simple
- 状态:
- Draft
- 发布日期:
- 2008-04-11
- 更新日期:
- 2025-12-11
名称
Operation on a Resource after Expiration or Release
描述
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
常见后果
- 范围:
- Integrity, Confidentiality
- 影响:
- Modify Application Data, Read Application Data
- 注释:
- If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.
- 范围:
- Other, Availability
- 影响:
- Other, DoS: Crash, Exit, or Restart
- 注释:
- When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.