Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-414:Missing Lock Check
Weakness ID:414
Version:v4.17
Weakness Name:Missing Lock Check
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Draft
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

A product does not check to see if a lock is present before performing sensitive operations on a resource.

▼Extended Description

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
▼Memberships
NatureMappingTypeIDName
▼Tags
NatureMappingTypeIDName
▼Relevant To View
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
IntegrityAvailabilityN/AModify Application DataDoS: InstabilityDoS: Crash, Exit, or Restart
N/A
Scope: Integrity, Availability
Likelihood: N/A
Impact: Modify Application Data, DoS: Instability, DoS: Crash, Exit, or Restart
Note:
N/A
▼Potential Mitigations
Phase:Architecture and Design, Implementation
Mitigation ID:
Strategy:
Effectiveness:
Description:

Implement a reliable lock mechanism.

Note:

▼Modes Of Introduction
Phase: Architecture and Design
Note:

N/A

Phase: Implementation
Note:

N/A

▼Applicable Platforms
Languages
Class: Not Language-Specific(Undetermined Prevalence)
▼Demonstrative Examples
▼Observed Examples
ReferenceDescription
CVE-2004-1056
Product does not properly check if a lock is present, allowing other attackers to access functionality.
Reference: CVE-2004-1056
Description:
Product does not properly check if a lock is present, allowing other attackers to access functionality.
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Allowed
      Reason:Acceptable-Use
      Rationale:

      This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.

      Comments:

      Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      PLOVERN/AN/AMissing Lock Check
      Software Fault PatternsSFP19N/AMissing Lock
      Taxonomy Name: PLOVER
      Entry ID: N/A
      Fit: N/A
      Entry Name: Missing Lock Check
      Taxonomy Name: Software Fault Patterns
      Entry ID: SFP19
      Fit: N/A
      Entry Name: Missing Lock
      ▼Related Attack Patterns
      IDName
      ▼References
      Details not found