CWE-1072
Data Resource Access without Use of Connection Pooling
Incomplete
2019-01-03 00:00 +00:00
2024-02-29 00:00 +00:00
Alerte pour un CWE
Stay informed of any changes for a specific CWE.
Data Resource Access without Use of Connection Pooling
The product accesses a data resource through a database without using a
connection pooling capability.
Extended Description
This issue can make the product perform more slowly, as connection pools allow connections to be reused without the overhead and time consumption of opening and closing a new connection. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.
Informations
Common Consequences
| Scope | Impact | Likelihood |
|---|---|---|
| Other | Reduce Performance |
Vulnerability Mapping Notes
Rationale : This entry is primarily a quality issue with no direct security implications.Comments : Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.
References
REF-959
Automated Source Code Performance Efficiency Measure (ASCPEM)Object Management Group (OMG).
https://www.omg.org/spec/ASCPEM/
REF-974
Connection poolWikipedia.
https://en.wikipedia.org/wiki/Connection_pool
Submission
| Name | Organization | Date | Date Release | Version |
|---|---|---|---|---|
| CWE Content Team | MITRE | 3.2 |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated References, Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Mapping_Notes |
2024©
tesweb SA
