forked from aquasecurity/vuln-list
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCWE-1060.json
27 lines (27 loc) · 908 Bytes
/
CWE-1060.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
{
"ID": 1060,
"Name": "Excessive Number of Inefficient Server-Side Data Accesses",
"Description": "The product performs too many data queries without using efficient data processing functionality such as stored procedures.",
"PotentialMitigations": {
"Mitigation": null
},
"RelatedAttackPatterns": {
"RelatedAttackPattern": null
},
"CommonConsequences": {
"Consequence": [
{
"Scope": [
"Other"
],
"Impact": [
"Reduce Performance"
]
}
]
},
"ExtendedDescription": [
"This issue can make the product perform more slowly due to computational expense. If the relevant code is reachable by an attacker, then this performance problem might introduce a vulnerability.",
"While the interpretation of \"too many data queries\" may vary for each product or developer, CISQ recommends a default maximum of 5 data queries for an inefficient function/procedure."
]
}