CVE Radar Logo
CVERadar

CVE-2024-21907

Severity: Medium
SVRS: 30/100
CVSSv3: 7.5/10
EPSS: 0.01942 (about 1.9% probability of exploitation in the next 30 days)

CVE-2024-21907 is a denial-of-service (DoS) vulnerability in Newtonsoft.Json. By passing specially crafted data to the JsonConvert.DeserializeObject method, an attacker can trigger a StackOverflowException, which the .NET runtime does not let managed code catch, so the hosting process terminates.

CVE-2024-21907 is a vulnerability in Newtonsoft.Json before version 13.0.1 that can lead to a denial of service. An attacker exploits it by passing crafted data to JsonConvert.DeserializeObject, in practice JSON nested deeply enough that the deserializer exhausts the call stack; the resulting StackOverflowException cannot be handled by the application and takes the process down. Although the CVSS score is 7.5, the SOCRadar Vulnerability Risk Score (SVRS) of 30 suggests a lower immediate risk than critical vulnerabilities with SVRS scores above 80. Even so, a remote, unauthenticated attacker can crash any service that deserializes untrusted JSON with default settings, so patching is essential for availability. The actual risk depends on whether an application feeds attacker-controlled input to Newtonsoft.Json without a depth limit, but given how widely the library is used, directly and as a transitive dependency, it should be inventoried and addressed.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (network-reachable, low complexity, no privileges or user interaction, unchanged scope, availability impact only)

Published: 2024-01-03
Last modified: 2024-09-06
SOCRadar AI Insight

Description

CVE-2024-21907 is an improper handling of exceptional conditions vulnerability (CWE-755) in Newtonsoft.Json before version 13.0.1. Crafted data passed to the JsonConvert.DeserializeObject method can trigger a StackOverflowException, which the .NET runtime does not allow managed code to catch, so the hosting process exits. Unauthenticated remote attackers can exploit this to cause a denial of service against any service that deserializes their input.

Key Insights

  • SVRS Score: 30 indicates a moderate risk, requiring attention and monitoring.
  • Exploit Status: no public exploit code, in-the-wild activity or indicators of compromise are recorded on this page (see the Exploits and Indicators of Compromise sections below). Note, however, that the underlying StackOverflowException behaviour was publicly documented by Aleph Security in October 2018 (see References), more than five years before the CVE was published in January 2024, so the trigger has been public knowledge for a long time.
  • CISA: no CISA advisory or Known Exploited Vulnerabilities entry is cited among this page's references.
  • Fix: addressed upstream in Newtonsoft.Json 13.0.1 (GitHub issue 2457 and pull request 2462 in References), which introduced a default MaxDepth of 64 for deserialization.

Mitigation Strategies

  • Update Newtonsoft.Json to version 13.0.1 or later, which applies a default MaxDepth of 64 when deserializing. Check transitive dependencies as well; the package is frequently pulled in indirectly by other NuGet packages.
  • If you cannot upgrade immediately, set JsonSerializerSettings.MaxDepth (or JsonTextReader.MaxDepth) explicitly. Exceeding the limit then raises a catchable JsonReaderException instead of an uncatchable StackOverflowException.
  • Validate input before deserialization: enforce a maximum request body size and reject documents whose nesting depth exceeds what your schema actually needs, so that the full parser never runs on pathological input.
  • A web application firewall (WAF) can cap request size and rate, but do not rely on it to detect nesting depth; enforce the depth limit inside the application.
  • Monitor for unexpected process crashes and restarts in services that deserialize external JSON. Because a StackOverflowException cannot be caught, a successful attack shows up as a process exit, not as an application-level error log entry.
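The following C# program is an added example, not code from this page or from the Newtonsoft.Json project. It contrasts the vulnerable default call with a call that sets MaxDepth, and adds a cheap nesting-depth pre-check of the kind the input validation bullet above calls for. The class name NestingDemo, the helper names and the constructed input (a deeply nested array) are assumptions for illustration; the library calls (JsonConvert.DeserializeObject, JsonSerializerSettings.MaxDepth, JsonReaderException) are real Newtonsoft.Json API. It needs the Newtonsoft.Json NuGet package.

```csharp
// Added example (not from the page or the Newtonsoft.Json project).
// Demonstrates why unbounded nesting is dangerous and how an explicit MaxDepth
// turns a process crash into a catchable exception. Requires: dotnet add package Newtonsoft.Json
using System;
using System.Text;
using Newtonsoft.Json;

public static class NestingDemo
{
    // Constructed attacker input: `depth` nested empty arrays, e.g. "[[[]]]" for depth 3.
    public static string DeepArray(int depth)
    {
        var sb = new StringBuilder(depth * 2);
        sb.Append('[', depth);
        sb.Append(']', depth);
        return sb.ToString();
    }

    // Vulnerable pattern: default settings. On Newtonsoft.Json < 13.0.1 MaxDepth is null
    // (unlimited), so a sufficiently deep input exhausts the stack and the process dies;
    // StackOverflowException cannot be caught by managed code.
    public static object ParseUnbounded(string json)
    {
        return JsonConvert.DeserializeObject(json);
    }

    // Hardened pattern: explicit MaxDepth. Works on old and new versions alike. 13.0.1+
    // already defaults to 64, but setting it makes the limit part of your code rather
    // than of the dependency's defaults.
    public static object ParseBounded(string json, int maxDepth = 64)
    {
        var settings = new JsonSerializerSettings { MaxDepth = maxDepth };
        return JsonConvert.DeserializeObject(json, settings);
    }

    // True when the input was rejected by the depth limit (JsonReaderException),
    // false when it parsed. With a limit in place there is no third outcome.
    public static bool IsRejectedByDepthLimit(string json, int maxDepth)
    {
        try
        {
            ParseBounded(json, maxDepth);
            return false;
        }
        catch (JsonReaderException)
        {
            return true;
        }
    }

    // Cheap pre-check for the input validation mitigation: maximum bracket nesting of a
    // JSON text, ignoring brackets that appear inside string literals (including escaped
    // quotes). Suitable for a gateway that should not run a full parser on untrusted bodies.
    public static int MaxNestingDepth(string json)
    {
        int depth = 0, max = 0;
        bool inString = false, escaped = false;
        foreach (char c in json)
        {
            if (inString)
            {
                if (escaped) escaped = false;
                else if (c == '\\') escaped = true;
                else if (c == '"') inString = false;
                continue;
            }
            switch (c)
            {
                case '"': inString = true; break;
                case '[': case '{': depth++; if (depth > max) max = depth; break;
                case ']': case '}': depth--; break;
            }
        }
        return max;
    }

    public static void Main()
    {
        Console.WriteLine(IsRejectedByDepthLimit(DeepArray(10), 64));    // False: parses
        Console.WriteLine(IsRejectedByDepthLimit(DeepArray(1000), 64));  // True: rejected
        Console.WriteLine(MaxNestingDepth("{\"a\": [1, \"[[[\", {\"b\": []}]}")); // 3
        // Uncomment on a version before 13.0.1 to watch the process exit instead of throwing:
        // ParseUnbounded(DeepArray(100_000));
    }
}
```

The pre-check deliberately tracks string state: a payload such as `"[[[["` inside a string literal must not count as nesting, otherwise legitimate documents get rejected. Run the pre-check (and a body-size limit) first, then deserialize with MaxDepth set; the two layers fail safe independently, which matters because the failure mode of the unpatched path is a dead process rather than an error you can log.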


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

No news found for this CVE

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Reference | Link
[email protected] | https://alephsecurity.com/2018/10/22/StackOverflowException/
[email protected] | https://alephsecurity.com/vulns/aleph-2018004
[email protected] | https://github.com/JamesNK/Newtonsoft.Json/commit/7e77bbe1beccceac4fc7b174b53abfefac278b66
[email protected] | https://github.com/JamesNK/Newtonsoft.Json/issues/2457
[email protected] | https://github.com/JamesNK/Newtonsoft.Json/pull/2462
[email protected] | https://github.com/advisories/GHSA-5crp-9r3c-p9vr
[email protected] | https://security.snyk.io/vuln/SNYK-DOTNET-NEWTONSOFTJSON-2774678
[email protected] | https://vulncheck.com/advisories/vc-advisory-GHSA-5crp-9r3c-p9vr
GITHUB | https://alephsecurity.com/vulns/aleph-2018004
GITHUB | https://security.snyk.io/vuln/SNYK-DOTNET-NEWTONSOFTJSON-2774678

CWE Details

CWE ID | CWE Name | Description
CWE-755 | Improper Handling of Exceptional Conditions | The software does not handle or incorrectly handles an exceptional condition.
