CWE-1065: Runtime Resource Management Control Element in a Component Built to Run on Application Servers
The product uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server.
Last updated
Overview
CWE-1065 (Runtime Resource Management Control Element in a Component Built to Run on Application Servers) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Common consequences
What can happen when CWE-1065 is exploited.
Reduce Reliability
Affects: Other
This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Terminology & mappings
Mapped taxonomies
- OMG ASCRM (ASCRM-RLB-5)
Frequently asked questions
Common questions about CWE-1065.
- What is CWE-1065?
- The product uses deployed components from application servers, but it also uses low-level functions/methods for management of resources, instead of the API provided by the application server.
- What are the consequences of CWE-1065?
- Exploiting CWE-1065 can lead to: Reduce Reliability.
References
- MITRE CWE definition (CWE-1065) (opens in a new tab)
- CWE-1065 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-1065
Get alerted the moment a new CWE-1065 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.