CWE-413

• CWE ID
• 413

• CWE Name
• Improper Resource Locking

• CWE Abstraction
• Base

• CWE structure
• Simple

• CWE Status
• Draft

The software does not lock or does not correctly lock a resource when the software must have exclusive access to the resource.

When a resource is not properly locked, an attacker could modify the resource while it is being operated on by the software. This might violate the software's assumption that the resource will not change, potentially leading to unexpected behaviors.