CWE-771 6 件の CVE MITRE の定義 ↗

CWE-771: Missing Reference to Active Allocated Resource

概要

CWE-771(Missing Reference to Active Allocated Resource)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

セキュリティへの影響
セキュリティ影響:製品や文脈に依存します。CVE 記録、深刻度、MITRE の説明を参照して優先度を判断してください。

説明

The product does not properly maintain a reference to a resource that has been allocated, which prevents the resource from being reclaimed.

適用プラットフォーム

種別 名称 クラス 普遍性 OS / CPE
language Not Language-Specific Undetermined

このデータベースの関連 CVE

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE 公開 概要
CVE-2026-3039 2026-05-20 BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typi…
CVE-2026-20004 2026-03-25 A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to imp…
CVE-2025-21090 2025-08-12 Missing reference to active allocated resource for some Intel(R) Xeon(R) processors may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-56343 2025-06-06 IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request.
CVE-2023-20244 2023-11-01 A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a …
CVE-2021-34720 2021-09-09 A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker …

コンテンツ投稿

名称
CWE Content Team
組織
MITRE
日付
2009-05-13
バージョン
1.4

コンテンツの変更履歴

日付 名称 バージョン 重要度 コメント
2009-07-27 CWE Content Team 1.5 updated Relationships
2010-04-05 CWE Content Team 1.8.1 updated Potential_Mitigations
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2012-05-11 CWE Content Team 2.2 updated Relationships
2012-10-30 CWE Content Team 2.3 updated Potential_Mitigations
2014-07-30 CWE Content Team 2.8 updated Relationships, Taxonomy_Mappings
2017-01-19 CWE Content Team 2.10 updated Relationships
2017-11-08 CWE Content Team 3.0 updated Likelihood_of_Exploit, Taxonomy_Mappings
2019-01-03 CWE Content Team 3.2 updated Common_Consequences, Maintenance_Notes, Relationships, Theoretical_Notes
2020-02-24 CWE Content Team 4.0 updated Relationships, Taxonomy_Mappings
2022-10-13 CWE Content Team 4.9 updated Relationships, Taxonomy_Mappings
2023-01-31 CWE Content Team 4.10 updated Description
2023-04-27 CWE Content Team 4.11 updated Relationships, Taxonomy_Mappings, Time_of_Introduction
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-12-11 CWE Content Team 4.19 updated Applicable_Platforms, Detection_Factors, Weakness_Ordinalities

貢献

タイプ 名称 日付 コメント
Content "Mapping CWE to 62443" Sub-Working Group 2023-04-25 Suggested mappings to ISA/IEC 62443.
cvelogic Threat Intelligence