CWE-1084: Invokable Control Element with Excessive File or Data Access Operations
A function or method contains too many operations that utilize a data manager or file resource.
Last updated
Overview
While the interpretation of "too many operations" may vary for each product or developer, CISQ recommends a default maximum of 7 operations for the same data manager or file.
Common consequences
What can happen when CWE-1084 is exploited.
Reduce Maintainability
Affects: Other
This issue makes it more difficult to maintain the product, which indirectly affects security by making it more difficult or time-consuming to find and/or fix vulnerabilities. It also might make it easier to introduce vulnerabilities.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
Terminology & mappings
Mapped taxonomies
- OMG ASCMM (ASCMM-MNT-14)
Frequently asked questions
Common questions about CWE-1084.
- What is CWE-1084?
- A function or method contains too many operations that utilize a data manager or file resource.
- What are the consequences of CWE-1084?
- Exploiting CWE-1084 can lead to: Reduce Maintainability.
References
- MITRE CWE definition (CWE-1084) (opens in a new tab)
- CWE-1084 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-1084
Get alerted the moment a new CWE-1084 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.