JsonCpp Json::Value::clear() Unhandled Exception Denial of Service VulnerabilityOctober 3, 2018 am31 1:52 am

A vulnerability in JsonCpp could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to improper error handling by the Json::Value::clear() function, as defined in the json_value.cpp file of the affected software. An attacker could exploit this vulnerability by sending a malicious JavaScript Object Notation (JSON) request to a targeted system. A successful exploit could cause an unhandled exception error, which could lead to a DoS condition.

JsonCpp has not confirmed the vulnerability, and software updates are not available.

Security Impact Rating: High

CVE: CVE-2018-17850

%d bloggers like this: