Cyber Resilience

NIST 800-53 r5 · Controls catalogue · Family SC

SC-5Denial-of-service Protection

{{ insert: param, sc-05_odp.02 }} the effects of the following types of denial-of-service events: {{ insert: param, sc-05_odp.01 }} ; and Employ the following controls to achieve the denial-of-service objective: {{ insert: param, sc-05_odp.03 }}.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 3 mapping(s) from 2 framework(s): CSF 2.0 2 (partial) · ASVS 5.0 1 (partial)

See the full cumulative-coverage rollup →

Implementations targeting this control (1)

ATT&CK techniques this control mitigates (1)

Weaknesses this control addresses (8)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-400Uncontrolled Resource Consumption3,572Directly limits uncontrolled resource consumption that leads to denial-of-service.
CWE-770Allocation of Resources Without Limits or Throttling2,210Requires throttling and limits on resource allocation to prevent exhaustion.
CWE-835Loop with Unreachable Exit Condition ('Infinite Loop')983Detects and mitigates infinite loops that produce sustained resource consumption.
CWE-674Uncontrolled Recursion503Prevents uncontrolled recursion that exhausts stack or CPU resources.
CWE-407Inefficient Algorithmic Complexity114Addresses inefficient algorithms whose complexity can be exploited for DoS.
CWE-409Improper Handling of Highly Compressed Data (Data Amplification)72Limits effects of data amplification from compressed or malicious inputs.
CWE-405Asymmetric Resource Consumption (Amplification)48Employs controls that mitigate amplification attacks causing asymmetric resource use.
CWE-406Insufficient Control of Network Message Volume (Network Amplification)16Implements network message volume controls to block amplification DoS vectors.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2026-45498 KEV UPD10.04.00.6308good
CVE-2024-20481 KEV10.05.80.1595good
CVE-2023-44487 KEV10.07.51.0000good
CVE-2023-38180 KEV10.07.50.1552good
CVE-2020-3566 KEV10.08.60.0363good
CVE-2018-0180 KEV10.05.90.0505good
CVE-2018-0179 KEV10.05.90.0505good
CVE-2018-0154 KEV10.07.50.0707good
CVE-2017-6663 KEV10.06.50.0214good
CVE-2017-12238 KEV10.06.50.0203good
CVE-2017-12237 KEV10.07.50.0694good
CVE-2017-12234 KEV10.07.50.0694good
CVE-2026-28318 KEV UPD10.07.50.1066good
CVE-2025-212858.07.50.5484good
CVE-2023-503878.07.51.0000good
CVE-2024-31309 UPD8.07.50.9462good
CVE-2023-283028.07.50.9356good
CVE-2023-217588.07.50.9160good
CVE-2023-452888.07.50.9197good
CVE-2023-217698.07.50.9152good
CVE-2024-27316 UPD8.07.50.9133good
CVE-2022-305228.07.50.9041good
CVE-2024-27983 UPD8.08.20.8721good
CVE-2023-215478.07.50.8823good
CVE-2024-27919 UPD8.07.50.8675good

Other controls in family SC

SC-1 SC-10 SC-11 SC-12 SC-13 SC-14 SC-15 SC-16 SC-17 SC-18 SC-19 SC-2 SC-20 SC-21 SC-22 SC-23 SC-24 SC-25 SC-26 SC-27 SC-28 SC-29 SC-3 SC-30 SC-31 SC-32 SC-33 SC-34 SC-35 SC-36 SC-37 SC-38 SC-39 SC-4 SC-40 SC-41 SC-42 SC-43 SC-44 SC-45 SC-46 SC-47 SC-48 SC-49 SC-50 SC-51 SC-6 SC-7 SC-8 SC-9