CWE-1072: Data Resource Access without Use of Connection Pooling
The product accesses a data resource through a database without using a connection pooling capability.
Last updated
Overview
CWE-1072 (Data Resource Access without Use of Connection Pooling) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Real-world CVEs
1 recorded CVEs are caused by CWE-1072 (Data Resource Access without Use of Connection Pooling). The highest-severity and most recent are shown first. 1 new CWE-1072 CVE has been recorded so far in 2026.
Common consequences
What can happen when CWE-1072 is exploited.
Reduce Performance
Affects: Other
This issue can make the product perform more slowly, as connection pools allow connections to be reused without the overhead and time consumption of opening and closing a new connection. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.