CWE-1072
Data Resource Access without Use of Connection Pooling
Incomplete
2019-01-03
00h00 +00:00
00h00 +00:00
2024-02-29
00h00 +00:00
00h00 +00:00
Notifications pour un CWE
Restez informé de toutes modifications pour un CWE spécifique.
Nom: Data Resource Access without Use of Connection Pooling
The product accesses a data resource through a database without using a
connection pooling capability.
Description du CWE
This issue can make the product perform more slowly, as connection pools allow connections to be reused without the overhead and time consumption of opening and closing a new connection. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.
Informations générales
Conséquences courantes
| Portée | Impact | Probabilité |
|---|---|---|
| Other | Reduce Performance |
Notes de cartographie des vulnérabilités
Justification : This entry is primarily a quality issue with no direct security implications.Commentaire : Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.
Références
REF-959
Automated Source Code Performance Efficiency Measure (ASCPEM)Object Management Group (OMG).
https://www.omg.org/spec/ASCPEM/
REF-974
Connection poolWikipedia.
https://en.wikipedia.org/wiki/Connection_pool
Soumission
| Nom | Organisation | Date | Date de publication | Version |
|---|---|---|---|---|
| CWE Content Team | MITRE | 3.2 |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated References, Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Mapping_Notes |
