CWE-1065: Runtime Resource Management Control Element in a Component Built to Run on Application Servers

BaseIncomplete

The product uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server.

View on MITRE

Back to CWE Lookup

Extended Description

This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

Technical Details

Structure: Simple

Applicable To

Languages

Platforms

Frequently Asked Questions

What is CWE-1065: Runtime Resource Management Control Element in a Component Built to Run on Application Servers?+

CWE-1065: Runtime Resource Management Control Element in a Component Built to Run on Application Servers is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server. This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.

What are the security consequences of Runtime Resource Management Control Element in a Component Built to Run on Application Servers?+

If exploited, CWE-1065 (Runtime Resource Management Control Element in a Component Built to Run on Application Servers) it can compromise Other, leading to outcomes such as Reduce Reliability.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1065 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.