CWE-1072: CWE-1072: Data Resource Access without Use of Connection Pooling

BaseStable

Description

View on MITRE
Back to CWE Lookup

Technical Details

Structure
Simple
Vulnerability Mapping
PROHIBITED

Applicable To

Languages
Languages
Platforms
Languages

Frequently Asked Questions

What is CWE-1072: CWE-1072: Data Resource Access without Use of Connection Pooling?+

CWE-1072: CWE-1072: Data Resource Access without Use of Connection Pooling is a Common Weakness Enumeration (CWE) entry maintained by MITRE. Description

What are the security consequences of CWE-1072: Data Resource Access without Use of Connection Pooling?+

If exploited, CWE-1072 (CWE-1072: Data Resource Access without Use of Connection Pooling) it can compromise Reduce Performance, leading to outcomes such as Scope: Other This issue can make the product perform more slowly, as connection pools allow connections to be reused without the overhead and time consumption of opening and closing a new connection. If the relevant code is reachable by an attacker and then this performance problem might introduce a vulnerability..

Which programming languages are affected by CWE-1072: Data Resource Access without Use of Connection Pooling?+

CWE-1072 commonly affects Languages. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1072 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More