StackHawk Documentation

API Unrestricted Resource Consumption

Reference
Plugin ID: 40057 | CWE: 770 | WASC: 25 | Medium | Active | Resource Management

Remediation

To mitigate Unrestricted Resource Consumption vulnerabilities, implement the following security measures:

  1. Resource Limits: Implement strict limits on resource consumption including CPU time, memory usage, and processing time per request.

  2. Request Size Limits: Set maximum limits on request payload sizes to prevent resource exhaustion through large requests.

  3. Timeout Controls: Implement appropriate timeout controls for API operations to prevent long-running requests from consuming resources.

  4. Monitoring and Alerting: Monitor resource consumption patterns and implement alerting for abnormal usage that may indicate attacks.
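The four measures above can be combined in one request guard. The following is an added example, not StackHawk's or any framework's own code: a WSGI middleware whose limits, the `stats` counters and the `app.deadline` environ key are all assumptions chosen for illustration.

```python
import time

MAX_BODY_BYTES = 64 * 1024   # assumed per-request payload limit
MAX_SECONDS = 2.0            # assumed per-request processing budget
stats = {"too_large": 0, "over_budget": 0}   # counters an alerting job could scrape


class BodyTooLarge(Exception):
    """Raised when a request body exceeds MAX_BODY_BYTES while being read."""


class LimitedReader:
    """Wraps wsgi.input; raises once more than `limit` bytes have been read."""
    def __init__(self, stream, limit):
        self.stream, self.remaining = stream, limit

    def read(self, size=-1):
        # Read at most one byte past the allowance, never the whole stream.
        cap = self.remaining + 1
        data = self.stream.read(cap if size < 0 else min(size, cap))
        self.remaining -= len(data)
        if self.remaining < 0:
            raise BodyTooLarge()
        return data


def limit_resources(app):
    """WSGI middleware: size limit, cooperative deadline, usage counters."""
    def guarded(environ, start_response):
        def reject(status):
            start_response(status, [("Content-Type", "text/plain")])
            return [status.encode()]
        declared = environ.get("CONTENT_LENGTH") or "0"
        if not declared.isdigit() or int(declared) > MAX_BODY_BYTES:
            stats["too_large"] += 1
            return reject("413 Content Too Large")
        # Chunked or mislabelled bodies are still capped while being read.
        environ["wsgi.input"] = LimitedReader(environ["wsgi.input"], MAX_BODY_BYTES)
        # Handlers check this deadline between units of work (hypothetical key).
        environ["app.deadline"] = time.monotonic() + MAX_SECONDS
        try:
            body = list(app(environ, start_response))
        except BodyTooLarge:
            stats["too_large"] += 1
            return reject("413 Content Too Large")
        if time.monotonic() > environ["app.deadline"]:
            stats["over_budget"] += 1   # surfaced for monitoring and alerting
        return body
    return guarded
```

The deadline here is cooperative: interrupting a handler that never checks it requires a hard timeout at the application server or the proxy in front of it.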

About

Unrestricted Resource Consumption occurs when APIs do not properly limit resource usage, allowing attackers to exhaust system resources through malicious requests. This corresponds to OWASP API Security Top 10 2023 - API04: Unrestricted Resource Consumption.

Risks

Unrestricted Resource Consumption can result in:

  • Denial of Service (DoS) attacks
  • System resource exhaustion and instability
  • Increased operational costs
  • Service degradation for legitimate users
  • Potential system crashes and downtime
