Common Weakness Enumeration

CWE-406

Insufficient Control of Network Message Volume (Network Amplification)

The product does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the product to transmit more traffic than should be allowed for that actor.

Mitigation

Phase: Architecture and Design

Strategy: Separation of Privilege

Description:

  • An application must make network resources available to a client commensurate with the client's access level.

Mitigation

Phase: Policy

Description:

  • Define a clear policy for network resource allocation and consumption.

Mitigation

Phase: Implementation

Description:

  • An application must, at all times, keep track of network resources and meter their usage appropriately.
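
One way to apply the design and implementation mitigations above, as an added example that is not part of the CWE entry: a per-client egress meter whose byte budget and response-to-request ratio depend on the client's access level. The class name, policy values and client address are constructed for illustration.

```python
import time

# Assumed policy (constructed values), per access level:
# (refill bytes/second, burst bytes, max response bytes per request byte).
POLICY = {
    "anonymous":     (1_000, 2_000, 3),
    "authenticated": (50_000, 100_000, None),   # None = no ratio cap
}

class EgressMeter:
    """Token bucket counted in bytes sent, keyed by client."""

    def __init__(self, policy=POLICY, clock=time.monotonic):
        self.policy = policy
        self.clock = clock
        self.buckets = {}   # client id -> (tokens left, time of last refill)

    def allow(self, client, level, request_len, response_len):
        """Return how many response bytes may be sent now (0 = send nothing)."""
        rate, burst, ratio = self.policy[level]
        now = self.clock()
        tokens, last = self.buckets.get(client, (burst, now))
        tokens = min(burst, tokens + (now - last) * rate)
        # Low-privilege senders never receive more than `ratio` times what
        # they sent, so a small request cannot trigger a large reply.
        if ratio is not None:
            response_len = min(response_len, request_len * ratio)
        if response_len > tokens:
            self.buckets[client] = (tokens, now)
            return 0
        self.buckets[client] = (tokens - response_len, now)
        return response_len

def demo():
    """Constructed traffic: 40-byte requests that each ask for a 4000-byte reply."""
    t = [0.0]                                   # fake clock for repeatability
    meter = EgressMeter(clock=lambda: t[0])
    sent = [meter.allow("198.51.100.7", "anonymous", 40, 4000) for _ in range(20)]
    t[0] = 1.0                                  # one second later the bucket has refilled
    sent.append(meter.allow("198.51.100.7", "anonymous", 40, 4000))
    return sent

if __name__ == "__main__":
    print(demo())
```

A caller that gets back fewer bytes than it wanted can send a truncated reply or a short notice instead of the full response.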

No CAPEC attack patterns related to this CWE.
