How severe is CVE-2024-6598?

This vulnerability has a severity rating of HIGH with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2024-6598?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2024-6598 - HIGH Severity | CVSS N/A

Vulnerability Description

A denial-of-service attack is possible through the execution functionality of KNIME Business Hub 1.10.0 and 1.10.1. It allows an authenticated attacker with job execution privileges to execute a job that causes internal messages to pile up until there are no more resources available for processing new messages. This leads to an outage of most functionality of KNIME Business Hub. Recovery from the situation is only possible by manual administrator interaction. Please contact our support for instructions in case you have run into this situation. Updating to KNIME Business Hub 1.10.2 or later solves the problem.

Related Vulnerabilities

CVE-2018-20033

CRITICAL

CVSS:9.8(Critical)

A Remote Code Execution vulnerability in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier could allow a remote attacker to corrupt the memory by allocating / deall...

CWE-7702018

CVE-2019-17067

CRITICAL

CVSS:9.8(Critical)

PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.

CWE-7702019

CVE-2023-25156

CRITICAL

CVSS:9.8(Critical)

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrad...

CWE-7702023

CVE-2023-38507

CRITICAL

CVSS:9.8(Critical)

Strapi is the an open-source headless content management system. Prior to version 4.12.1, there is a rate limit on the login function of Strapi's admin screen, but it is possible to circumvent it. The...

CWE-7702023

CVE-2024-44241

CRITICAL

CVSS:9.8(Critical)

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP ...

CWE-7702024

CVE-2021-41591

CRITICAL

CVSS:9.4(Critical)

ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.

CWE-7702021