NIST 800-53 r5 · Controls catalogue · Family SC
SC-6Resource Availability
Protect the availability of resources by allocating {{ insert: param, sc-06_odp.01 }} by {{ insert: param, sc-06_odp.02 }}.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (1)
- T1564.009 Resource Forking Stealth
Weaknesses this control addresses (5)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-400 | Uncontrolled Resource Consumption | 3,324 | Directly mitigates uncontrolled consumption by enforcing allocation limits/quotas that preserve availability for legitimate use. |
CWE-770 | Allocation of Resources Without Limits or Throttling | 1,979 | Implements the missing limits and throttling on resource allocation that this weakness describes. |
CWE-799 | Improper Control of Interaction Frequency | 67 | Allocation policies inherently restrict interaction frequency, reducing the impact of excessive requests. |
CWE-405 | Asymmetric Resource Consumption (Amplification) | 40 | Limits amplification effects by controlling how resources are allocated under high-volume or recursive load. |
CWE-410 | Insufficient Resource Pool | 19 | Ensures a managed resource pool is maintained rather than allowing exhaustion by any single consumer. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
CVE-2025-61303 | 2.0 | 9.8 | 0.0010 | good |
CVE-2026-40104 | 1.6 | 8.2 | 0.0008 | good |
CVE-2024-46667 | 1.5 | 7.5 | 0.0064 | good |
CVE-2024-41743 | 1.5 | 7.5 | 0.0007 | good |
CVE-2025-27795 | 0.9 | 4.3 | 0.0008 | good |
CVE-2026-31283 | 2.0 | 9.8 | 0.0006 | good |
CVE-2024-12705 | 1.8 | 7.5 | 0.0562 | good |
CVE-2024-37358 | 1.8 | 8.6 | 0.0076 | good |
CVE-2025-26819 | 1.7 | 8.6 | 0.0012 | good |
CVE-2026-26130 | 1.7 | 7.5 | 0.0348 | good |
CVE-2026-41309 | 1.6 | 8.2 | 0.0008 | good |
CVE-2026-35457 | 1.6 | 8.2 | 0.0005 | good |
CVE-2025-21389 | 1.6 | 7.5 | 0.0239 | good |
CVE-2024-46668 | 1.6 | 7.5 | 0.0216 | good |
CVE-2018-25108 | 1.6 | 7.5 | 0.0118 | good |
CVE-2024-49735 | 1.6 | 7.8 | 0.0003 | good |
CVE-2025-1059 | 1.5 | 7.5 | 0.0067 | good |
CVE-2026-33483 | 1.5 | 7.5 | 0.0058 | good |
CVE-2025-25374 | 1.5 | 7.5 | 0.0082 | good |
CVE-2025-29910 | 1.5 | 7.5 | 0.0063 | good |
CVE-2024-9631 | 1.5 | 7.5 | 0.0014 | good |
CVE-2024-7765 | 1.5 | 7.5 | 0.0041 | good |
CVE-2026-26171 | 1.5 | 7.5 | 0.0053 | good |
CVE-2025-24312 | 1.5 | 7.5 | 0.0042 | good |
CVE-2024-57664 | 1.5 | 7.5 | 0.0011 | good |