Détail du CWE-1073

The product contains a client with a function or method that contains a large number of data accesses/queries that are sent through a data manager, i.e., does not use efficient database capabilities.

While the interpretation of "large number of data accesses/queries" may vary for each product or developer, CISQ recommends a default maximum of 2 data accesses per function/method.

Modes d'introduction

Architecture and Design

Plateformes applicables

Langue

Name: SQL (Often)

Technologies

Name: Database Server (Often)

Conséquences courantes

Notes de cartographie des vulnérabilités

Justification : This entry is primarily a quality issue with no direct security implications.
Commentaire : Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.

Références

REF-959

Automated Source Code Performance Efficiency Measure (ASCPEM)
Object Management Group (OMG).
https://www.omg.org/spec/ASCPEM/

Soumission

Modifications