CWE-408: Incorrect Behavior Order: Early Amplification
low-riskThe product allows an entity to perform a legitimate but expensive operation before authentication or authorization has taken place.
Abstraction: Base
Common Consequences
Availability
→
DoS: Amplification
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2020-1657 | 7.5 | 0.4% | — |
| CVE-2022-2576 | 7.5 | 0.2% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal