What is CVE-2024-6598?

CVE-2024-6598 is a vulnerability in Knime Business Hub, classified under Allocation of Resources Without Limits or Throttling. Published 2024-07-09.

Is CVE-2024-6598 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Resource exhaustion in Knime Business Hub

CVE-2024-6598

A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. It allows an authenticated attacker with job execution privileges to execute a job that causes internal messages to pile up…

EPSS: 0.009 (75.7th percentile) — read the EPSS interpretation.

Affected products

Knime Business Hub — versions 1.10.0

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

www.knime.com/security/advisories

Frequently asked questions

What is CVE-2024-6598?: CVE-2024-6598 is a vulnerability in Knime Business Hub, classified under Allocation of Resources Without Limits or Throttling. Published 2024-07-09.
Is CVE-2024-6598 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.