CWE-400, also referred to as resource exhaustion, occurs when a system fails to properly manage or limit the use of resources such as CPU, memory, disk space, or network bandwidth. Attackers exploit this weakness to degrade system performance or cause a complete denial of service (DoS).
Improper Authentication occurs when a software application fails to properly verify the identity of a user or system attempting to gain access. This weakness enables unauthorised entities to bypass security measures and gain access to sensitive data or system functionalities.
Path traversal, also known as directory traversal, is a vulnerability that allows an attacker to access files and directories stored outside the intended directory. By exploiting improper validation of user-supplied input, attackers can manipulate file paths to access sensitive system files, configuration files, or any other data stored on the server.