What Is An Uncontrolled Resource Consumption Error?

Mayhem Team
June 1, 2022

CWE-400, Uncontrolled Resource Consumption, occurs when an application does not properly control the number and/or size of resources that it allocates, so it can consume too many of them. This can lead to performance degradation, denial-of-service conditions, and resource leaks. In some cases, uncontrolled resource consumption may allow attackers to perform resource exhaustion attacks in which they can take control of the application or cause it to crash.

CWE-400 is a dangerous vulnerability because it can be exploited relatively easily and can have a significant impact on an application's availability and performance. There are many different types of resources that an application can consume, so this weakness can occur in a wide variety of situations. For example, an application may consume too much memory, CPU time, disk space, or network bandwidth.

To mitigate this weakness, developers should carefully control the number and size of resources that their applications allocate. They should also ensure that their applications release any unused resources when they are no longer needed. Additionally, developers should design their applications to gracefully handle situations in which resource consumption exceeds expectations.
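
An added example (not from the original post or from Mayhem) of the mitigations above in C: a parser for a length-prefixed record format, constructed for this illustration, that caps the number and size of allocations, checks each claimed length against the bytes actually present, and frees everything on every failure path. The record layout, the limits `MAX_RECORDS` and `MAX_RECORD_LEN`, and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_RECORDS    64u    /* assumed cap on the number of allocations */
#define MAX_RECORD_LEN 4096u  /* assumed cap on the size of each allocation */
enum { OK = 0, ERR_TRUNCATED = -1, ERR_LIMIT = -2, ERR_NOMEM = -3 };
struct records { uint32_t count; uint8_t **data; uint32_t *len; };

static uint32_t rd_u32(const uint8_t *p) {  /* big-endian length field */
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Release everything parse_records allocated; safe on a partially filled set. */
void free_records(struct records *r) {
    for (uint32_t i = 0; r->data && i < r->count; i++) free(r->data[i]);
    free(r->data); free(r->len);
    memset(r, 0, sizeof *r);
}

/* Layout (constructed for this example): u32 count, then count x (u32 len, bytes). */
int parse_records(const uint8_t *buf, size_t n, struct records *out) {
    size_t off = 4;
    memset(out, 0, sizeof *out);
    if (n < 4) return ERR_TRUNCATED;
    uint32_t count = rd_u32(buf);
    if (count > MAX_RECORDS) return ERR_LIMIT;          /* bound the number */
    out->data = calloc(count ? count : 1, sizeof *out->data);
    out->len = calloc(count ? count : 1, sizeof *out->len);
    if (!out->data || !out->len) { free_records(out); return ERR_NOMEM; }
    for (uint32_t i = 0; i < count; i++) {
        int rc = OK; uint32_t len = 0;
        if (n - off < 4) rc = ERR_TRUNCATED;
        else {
            len = rd_u32(buf + off); off += 4;
            if (len > MAX_RECORD_LEN) rc = ERR_LIMIT;    /* bound the size */
            else if (len > n - off) rc = ERR_TRUNCATED;  /* claimed bytes must exist */
            else if (!(out->data[i] = malloc(len ? len : 1))) rc = ERR_NOMEM;
        }
        if (rc != OK) { free_records(out); return rc; }  /* release on every failure path */
        memcpy(out->data[i], buf + off, len);
        out->len[i] = len; off += len; out->count = i + 1;
    }
    return OK;
}

int main(void) {
    const uint8_t msg[] = {0,0,0,1, 0xff,0xff,0xff,0xff};  /* constructed: claims a ~4 GiB record */
    struct records r;
    printf("%d\n", parse_records(msg, sizeof msg, &r));
    return 0;
}
```

Without the two limit checks, the 8-byte input in `main` would drive a multi-gigabyte `malloc` from a single attacker-controlled field; with them the parser returns an error before allocating anything for that record.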
