CWE-821 不正确的同步机制

  • A+
所属分类:CWE(弱点枚举)

CWE-821 不正确的同步机制

Incorrect Synchronization

结构: Simple

Abstraction: Base

状态: Incomplete

被利用可能性: unkown

基本描述

The software utilizes a shared resource in a concurrent manner but it does not correctly synchronize access to the resource.

扩展描述

If access to a shared resource is not correctly synchronized, then the resource may not be in a state that is expected by the software. This might lead to unexpected or insecure behaviors, especially if an attacker can influence the shared resource.

相关缺陷

  • cwe_Nature: ChildOf cwe_CWE_ID: 662 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 662 cwe_View_ID: 699 cwe_Ordinal: Primary

常见的影响

范围 影响 注释
['Integrity', 'Confidentiality', 'Other'] ['Modify Application Data', 'Read Application Data', 'Alter Execution Logic']

文章来源于互联网:scap中文网

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: