API4:2023 — Unrestricted Resource Consumption

Verified by Precogs Threat Research
OWASP API 2023, Rank #4

What is Unrestricted Resource Consumption in APIs?

Unrestricted resource consumption occurs when an API does not limit the number of requests, payload sizes, or resources consumed per client. Typical causes are missing rate limiting, no pagination limits, uncapped file uploads, and unbounded batch operations.
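The four missing controls named above, enforced in one place before a handler does any work. This is an added example, not code from Precogs or OWASP; the limit values and the names `enforce_limits`, `TokenBucket` and `LimitExceeded` are hypothetical, chosen for illustration.

```python
import time
from dataclasses import dataclass

# Illustrative limits (assumptions, not values from the page); tune per endpoint.
MAX_PAGE_SIZE = 100          # pagination cap
MAX_BODY_BYTES = 1_000_000   # upload / payload cap
MAX_BATCH_ITEMS = 50         # batch operation cap
RATE = 5.0                   # tokens refilled per second, per client
BURST = 10.0                 # bucket capacity, per client

class LimitExceeded(Exception):
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status  # HTTP status the API should return

@dataclass
class TokenBucket:
    tokens: float = BURST
    updated: float = 0.0

    def take(self, now):
        # Refill in proportion to elapsed time, never above BURST.
        self.tokens = min(BURST, self.tokens + (now - self.updated) * RATE)
        self.updated = now
        if self.tokens < 1.0:
            return False
        self.tokens -= 1.0
        return True

# One bucket per client; a real service should evict idle entries so this
# map cannot itself grow without bound.
_buckets = {}

def enforce_limits(client_id, body_len, batch_len, page_size, now=None):
    """Return the effective page size, or raise LimitExceeded."""
    now = time.monotonic() if now is None else now
    bucket = _buckets.setdefault(client_id, TokenBucket(updated=now))
    if not bucket.take(now):
        raise LimitExceeded(429, "rate limit exceeded")
    if body_len > MAX_BODY_BYTES:
        raise LimitExceeded(413, "payload too large")
    if batch_len > MAX_BATCH_ITEMS:
        raise LimitExceeded(400, "too many items in batch")
    # Clamp instead of rejecting: the client still gets a bounded page.
    return max(1, min(page_size, MAX_PAGE_SIZE))
```

The body-size check assumes the caller measured the bytes actually read, not only a client-supplied length header.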

Impact

Unrestricted resource consumption enables denial of service, cost inflation on pay-per-use APIs, and data exfiltration through overly large response payloads.

How Precogs AI Addresses API4

Precogs AI identifies missing rate limiting, unbounded query parameters, and missing pagination in API implementations during code analysis and runtime testing.

Related CWEs