Back to CWE list
CWE-1088
Synchronous Access of Remote Resource without Timeout
Base
Incomplete
Description
The code has a synchronous call to a remote resource, but there is no timeout for the call, or the timeout is set to infinite.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Other
Impact
Reduce Reliability
CVE-2024-8062API endpoint performs a HEAD request without a timeout, allowing attackers to cause the server to hang
CVE-2024-8061development product for AI can make requests to external servers without timeouts and does not respond to other requests while waiting, allowing DoS
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now