Cyber Resilience

NIST 800-53 r5 · Controls catalogue · Family SC

SC-6Resource Availability

Protect the availability of resources by allocating {{ insert: param, sc-06_odp.01 }} by {{ insert: param, sc-06_odp.02 }}.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 3 mapping(s) from 2 framework(s): CSF 2.0 2 (partial) · ASVS 5.0 1 (partial)

See the full cumulative-coverage rollup →

Implementations targeting this control (0)

ATT&CK techniques this control mitigates (1)

Weaknesses this control addresses (5)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-400Uncontrolled Resource Consumption3,572Directly mitigates uncontrolled consumption by enforcing allocation limits/quotas that preserve availability for legitimate use.
CWE-770Allocation of Resources Without Limits or Throttling2,210Implements the missing limits and throttling on resource allocation that this weakness describes.
CWE-799Improper Control of Interaction Frequency69Allocation policies inherently restrict interaction frequency, reducing the impact of excessive requests.
CWE-405Asymmetric Resource Consumption (Amplification)48Limits amplification effects by controlling how resources are allocated under high-volume or recursive load.
CWE-410Insufficient Resource Pool20Ensures a managed resource pool is maintained rather than allowing exhaustion by any single consumer.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2025-613037.09.80.0042good
CVE-2026-401045.58.20.0040good
CVE-2024-466675.57.50.0057good
CVE-2024-417435.57.50.0060good
CVE-2025-700595.57.50.0034good
CVE-2026-29168 UPD5.57.30.0063good
CVE-2025-274795.57.50.0186good
CVE-2025-277953.54.30.0041good
CVE-2026-18503.56.50.0024good
CVE-2026-32013.54.70.0018good
CVE-2026-45498 KEV UPD10.04.00.6308good
CVE-2023-44487 KEV10.07.51.0000good
CVE-2024-31309 UPD8.07.50.9462good
CVE-2022-305228.07.50.9041good
CVE-2024-28182 UPD8.05.30.8496good
CVE-2025-48976 UPD8.07.50.6326good
CVE-2026-312837.09.80.0040good
CVE-2024-127056.07.50.1618good
CVE-2026-49160 UPD6.07.50.4844good
CVE-2023-249986.07.50.4684good
CVE-2023-266016.07.50.3407good
CVE-2024-311526.05.30.1716good
CVE-2025-213515.57.50.0220good
CVE-2024-373585.58.60.0080good
CVE-2025-268195.58.60.0051good

Other controls in family SC

SC-1 SC-10 SC-11 SC-12 SC-13 SC-14 SC-15 SC-16 SC-17 SC-18 SC-19 SC-2 SC-20 SC-21 SC-22 SC-23 SC-24 SC-25 SC-26 SC-27 SC-28 SC-29 SC-3 SC-30 SC-31 SC-32 SC-33 SC-34 SC-35 SC-36 SC-37 SC-38 SC-39 SC-4 SC-40 SC-41 SC-42 SC-43 SC-44 SC-45 SC-46 SC-47 SC-48 SC-49 SC-5 SC-50 SC-51 SC-7 SC-8 SC-9