CWE WEAKNESSES / CWE-402
CWE-402
Transmission of Private Resources into a New Sphere ('Resource Leak')
Class
What it is
The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.
Impact
| Confidentiality | Read Application Data |
Real-world CVE examples
- CVE-2003-0740 — Server leaks a privileged file descriptor, allowing the server to be hijacked.
- CVE-2004-1033 — File descriptor leak allows read of restricted files.
Related weaknesses
Test & detect
Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.
Source: MITRE CWE. View on cwe.mitre.org →