Vulnerabilites related to checkpoint - smartconsole
CVE-2024-24916 (GCVE-0-2024-24916)
Vulnerability from cvelistv5
Published
2025-06-19 13:17
Modified
2025-06-20 13:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-427 - The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Summary
Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| checkpoint | Check Point SmartConsole |
Version: Check Point SmartConsole versions R81.10, R81.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-20T13:06:34.598794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:11:11.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Check Point SmartConsole",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "Check Point SmartConsole versions R81.10, R81.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted DLLs in the installer\u0027s directory may be loaded and executed, leading to potentially arbitrary code execution with the installer\u0027s privileges (admin)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-19T13:17:39.651Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"url": "https://support.checkpoint.com/results/sk/sk183342"
}
],
"title": "DLL-HiJacking"
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2024-24916",
"datePublished": "2025-06-19T13:17:39.651Z",
"dateReserved": "2024-02-01T15:19:26.278Z",
"dateUpdated": "2025-06-20T13:11:11.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-24915 (GCVE-0-2024-24915)
Vulnerability from cvelistv5
Published
2025-06-29 12:02
Modified
2025-06-30 13:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-316 - The product stores sensitive information in cleartext in memory.
Summary
Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| checkpoint | Check Point SmartConsole |
Version: Check Point SmartConsole versions R81.10, R81.20, R82 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T13:14:08.984786Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T13:32:15.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Check Point SmartConsole",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "Check Point SmartConsole versions R81.10, R81.20, R82"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-316",
"description": "The product stores sensitive information in cleartext in memory.",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-29T12:02:41.126Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"url": "https://support.checkpoint.com/results/sk/sk183545"
}
],
"title": "SmartConsole Sensitive Credential Exposure via Memory Dump"
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2024-24915",
"datePublished": "2025-06-29T12:02:41.126Z",
"dateReserved": "2024-02-01T15:19:26.278Z",
"dateUpdated": "2025-06-30T13:32:15.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6024 (GCVE-0-2020-6024)
Vulnerability from cvelistv5
Published
2021-01-20 18:17
Modified
2024-08-04 08:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-114 - Process Control
Summary
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.
References
| ▼ | URL | Tags |
|---|---|---|
| https://supportcontent.checkpoint.com/solutions?id=sk142952 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Check Point SmartConsole |
Version: R80.20, R80.30, R80.40, R81 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:41.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Check Point SmartConsole",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "R80.20, R80.30, R80.40, R81"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-114",
"description": "CWE-114: Process Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-26T16:19:49",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"ID": "CVE-2020-6024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Check Point SmartConsole",
"version": {
"version_data": [
{
"version_value": "R80.20, R80.30, R80.40, R81"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-114: Process Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://supportcontent.checkpoint.com/solutions?id=sk142952",
"refsource": "MISC",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2020-6024",
"datePublished": "2021-01-20T18:17:53",
"dateReserved": "2020-01-07T00:00:00",
"dateUpdated": "2024-08-04T08:47:41.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2025-06-19 14:15
Modified
2025-09-04 19:01
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@checkpoint.com | https://support.checkpoint.com/results/sk/sk183342 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build400:*:*:*:*:*:*",
"matchCriteriaId": "4A8D932A-F264-4407-9634-440D4E33FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build402:*:*:*:*:*:*",
"matchCriteriaId": "3FD3EF2A-CB25-4ED1-96AB-1D0D6B9EED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build404:*:*:*:*:*:*",
"matchCriteriaId": "3BF908EF-B678-4360-AA22-FF3A21ADBBD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build406:*:*:*:*:*:*",
"matchCriteriaId": "DEEF7946-C5C5-4E73-ABC7-27EF17406A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build407:*:*:*:*:*:*",
"matchCriteriaId": "911A64FD-04DA-4302-A18A-628FD0576A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build409:*:*:*:*:*:*",
"matchCriteriaId": "CB2CF53D-8CA7-484D-830F-85F0403D1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build410:*:*:*:*:*:*",
"matchCriteriaId": "2334CCE9-1421-41C4-B836-F56E0E461509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build412:*:*:*:*:*:*",
"matchCriteriaId": "CE76D114-0FB6-4AA1-9DAC-22C365BBC2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build413:*:*:*:*:*:*",
"matchCriteriaId": "CAC74BAA-CBE9-4E6A-8BC3-EE2BDCC74BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build414:*:*:*:*:*:*",
"matchCriteriaId": "CF85F114-6640-4F42-A15C-ADD2F62DB111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build416:*:*:*:*:*:*",
"matchCriteriaId": "943F6057-DE9A-427A-A7E9-DA01C2CE3E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build417:*:*:*:*:*:*",
"matchCriteriaId": "1DE48E6D-890D-450F-9B5A-C4D85F435D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build418:*:*:*:*:*:*",
"matchCriteriaId": "B4A9E7A3-C2D4-423E-9868-FC24348B03FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build420:*:*:*:*:*:*",
"matchCriteriaId": "BFDD876B-FEDE-40C5-BDC3-42F4625CA8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build423:*:*:*:*:*:*",
"matchCriteriaId": "21D64A56-7351-4C4C-BAE7-3681979B0617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build424:*:*:*:*:*:*",
"matchCriteriaId": "2A857B4D-5C07-4943-A378-7F2F24CF25CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build425:*:*:*:*:*:*",
"matchCriteriaId": "604AA11E-76A8-49C7-8E48-9AB327DC2FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build640:*:*:*:*:*:*",
"matchCriteriaId": "C44125A4-590E-4900-B9AC-792D09FF202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build641:*:*:*:*:*:*",
"matchCriteriaId": "633F00F4-B992-44C0-8865-F5F104F424A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build645:*:*:*:*:*:*",
"matchCriteriaId": "ACB9BBA7-F7D9-468A-8AF4-70926DB58A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build646:*:*:*:*:*:*",
"matchCriteriaId": "36FCAD19-496B-44F9-98A2-F47CF8BECFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build649:*:*:*:*:*:*",
"matchCriteriaId": "3B8FB412-D9FF-46FD-81C7-8185FAE8C4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build651:*:*:*:*:*:*",
"matchCriteriaId": "51B50559-BBFF-4FA1-AC37-A08F12DD6BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build653:*:*:*:*:*:*",
"matchCriteriaId": "0118CAB6-6FB8-4EA2-A381-5BC9AB897A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build654:*:*:*:*:*:*",
"matchCriteriaId": "7CE0C48D-EE95-4762-ABA1-7D2F1DFFFC90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build655:*:*:*:*:*:*",
"matchCriteriaId": "B017667C-1FCC-4C2A-A8F1-151E86C8549A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted DLLs in the installer\u0027s directory may be loaded and executed, leading to potentially arbitrary code execution with the installer\u0027s privileges (admin)."
},
{
"lang": "es",
"value": "Es posible que se carguen y ejecuten DLL no confiables en el directorio del instalador, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario con los privilegios del instalador (administrador)."
}
],
"id": "CVE-2024-24916",
"lastModified": "2025-09-04T19:01:30.503",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-19T14:15:44.983",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.checkpoint.com/results/sk/sk183342"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-29 12:15
Modified
2025-09-03 15:22
Severity ?
6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@checkpoint.com | https://support.checkpoint.com/results/sk/sk183545 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build400:*:*:*:*:*:*",
"matchCriteriaId": "4A8D932A-F264-4407-9634-440D4E33FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build402:*:*:*:*:*:*",
"matchCriteriaId": "3FD3EF2A-CB25-4ED1-96AB-1D0D6B9EED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build404:*:*:*:*:*:*",
"matchCriteriaId": "3BF908EF-B678-4360-AA22-FF3A21ADBBD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build406:*:*:*:*:*:*",
"matchCriteriaId": "DEEF7946-C5C5-4E73-ABC7-27EF17406A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build407:*:*:*:*:*:*",
"matchCriteriaId": "911A64FD-04DA-4302-A18A-628FD0576A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build409:*:*:*:*:*:*",
"matchCriteriaId": "CB2CF53D-8CA7-484D-830F-85F0403D1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build410:*:*:*:*:*:*",
"matchCriteriaId": "2334CCE9-1421-41C4-B836-F56E0E461509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build412:*:*:*:*:*:*",
"matchCriteriaId": "CE76D114-0FB6-4AA1-9DAC-22C365BBC2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build413:*:*:*:*:*:*",
"matchCriteriaId": "CAC74BAA-CBE9-4E6A-8BC3-EE2BDCC74BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build414:*:*:*:*:*:*",
"matchCriteriaId": "CF85F114-6640-4F42-A15C-ADD2F62DB111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build416:*:*:*:*:*:*",
"matchCriteriaId": "943F6057-DE9A-427A-A7E9-DA01C2CE3E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build417:*:*:*:*:*:*",
"matchCriteriaId": "1DE48E6D-890D-450F-9B5A-C4D85F435D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build418:*:*:*:*:*:*",
"matchCriteriaId": "B4A9E7A3-C2D4-423E-9868-FC24348B03FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build420:*:*:*:*:*:*",
"matchCriteriaId": "BFDD876B-FEDE-40C5-BDC3-42F4625CA8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build423:*:*:*:*:*:*",
"matchCriteriaId": "21D64A56-7351-4C4C-BAE7-3681979B0617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build424:*:*:*:*:*:*",
"matchCriteriaId": "2A857B4D-5C07-4943-A378-7F2F24CF25CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build425:*:*:*:*:*:*",
"matchCriteriaId": "604AA11E-76A8-49C7-8E48-9AB327DC2FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build426:*:*:*:*:*:*",
"matchCriteriaId": "D66ACBB5-0AF3-4FE9-88E5-087BD1FFAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build427:*:*:*:*:*:*",
"matchCriteriaId": "20707AA5-C7B7-49AA-AA22-916A7F3D080C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build428:*:*:*:*:*:*",
"matchCriteriaId": "5D43D7AA-17A9-4FD6-950D-88F5927EB81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build429:*:*:*:*:*:*",
"matchCriteriaId": "9C82E304-0595-4074-AF5C-E15B36C98E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build640:*:*:*:*:*:*",
"matchCriteriaId": "C44125A4-590E-4900-B9AC-792D09FF202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build641:*:*:*:*:*:*",
"matchCriteriaId": "633F00F4-B992-44C0-8865-F5F104F424A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build645:*:*:*:*:*:*",
"matchCriteriaId": "ACB9BBA7-F7D9-468A-8AF4-70926DB58A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build646:*:*:*:*:*:*",
"matchCriteriaId": "36FCAD19-496B-44F9-98A2-F47CF8BECFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build649:*:*:*:*:*:*",
"matchCriteriaId": "3B8FB412-D9FF-46FD-81C7-8185FAE8C4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build651:*:*:*:*:*:*",
"matchCriteriaId": "51B50559-BBFF-4FA1-AC37-A08F12DD6BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build653:*:*:*:*:*:*",
"matchCriteriaId": "0118CAB6-6FB8-4EA2-A381-5BC9AB897A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build654:*:*:*:*:*:*",
"matchCriteriaId": "7CE0C48D-EE95-4762-ABA1-7D2F1DFFFC90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build655:*:*:*:*:*:*",
"matchCriteriaId": "B017667C-1FCC-4C2A-A8F1-151E86C8549A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build656:*:*:*:*:*:*",
"matchCriteriaId": "2B0FB3C3-3401-4B1B-AA90-7CE95D2D3528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build658:*:*:*:*:*:*",
"matchCriteriaId": "16466AAA-ACEE-4ABC-83A3-19AB78D2DC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build659:*:*:*:*:*:*",
"matchCriteriaId": "69696E27-2511-4139-9B8E-8D6DE794B320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build660:*:*:*:*:*:*",
"matchCriteriaId": "012045D4-CE27-42BD-90B6-EF1C9F140E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build661:*:*:*:*:*:*",
"matchCriteriaId": "2979AD7A-2A1B-4E83-9619-F5234C5F16A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build663:*:*:*:*:*:*",
"matchCriteriaId": "B1FE8774-D5CA-438D-AE77-F37FBEDFABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1051:*:*:*:*:*:*",
"matchCriteriaId": "18C43F28-77F7-4C3B-80E3-22922B7D91FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1053:*:*:*:*:*:*",
"matchCriteriaId": "ABCA63CE-3495-4137-ADF0-0A241157F613",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them."
},
{
"lang": "es",
"value": "Las credenciales no se borran de la memoria despu\u00e9s de usarlas. Un usuario con permisos de administrador puede ejecutar un volcado de memoria para el proceso de SmartConsole y recuperarlas."
}
],
"id": "CVE-2024-24915",
"lastModified": "2025-09-03T15:22:49.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.2,
"impactScore": 5.9,
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-29T12:15:22.803",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.checkpoint.com/results/sk/sk183545"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-316"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 19:15
Modified
2024-11-21 05:35
Severity ?
Summary
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | smartconsole | * | |
| checkpoint | smartconsole | r80.20 | |
| checkpoint | smartconsole | r80.30 | |
| checkpoint | smartconsole | r80.40 | |
| checkpoint | smartconsole | r81 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DD7269-40DD-4A4B-BF0B-E928201BA31D",
"versionEndIncluding": "r80.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r80.20:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDE7A64-BC36-4C95-BBE4-9BF146AC66DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r80.30:*:*:*:*:*:*:*",
"matchCriteriaId": "476C415F-F9E3-4A92-9CCF-13FDA0FA99CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r80.40:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD4456C-5CD1-4615-9658-95CD94B7B603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81:*:*:*:*:*:*:*",
"matchCriteriaId": "613920F7-2800-4B77-8A54-6C6BC6E0D233",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users."
},
{
"lang": "es",
"value": "Check Point SmartConsole versi\u00f3n anterior a R80.10 Build 185, versi\u00f3n R80.20 Build 119, versi\u00f3n R80.30 anterior a Build 94, versi\u00f3n R80.40 anterior a Build 415 y la versi\u00f3n R81 anterior a Build 548 eran vulnerables a una posible escalada de privilegios local debido a la ejecuci\u00f3n de ejecutables desde un directorio con acceso de escritura para todos los usuarios autenticados"
}
],
"id": "CVE-2020-6024",
"lastModified": "2024-11-21T05:35:00.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T19:15:12.947",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-114"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-202101-1673
Vulnerability from variot
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users. Check Point SmartConsole Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Check Point Smartconsole is a desktop application software used to manage the Check point environment by Check Point Corporation in the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-1673",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smartconsole",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.20"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r81"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.30"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.40"
},
{
"model": "smartconsole",
"scope": "lte",
"trust": 1.0,
"vendor": "checkpoint",
"version": "r80.10"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "r80.10 build 185"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": null
},
{
"model": "smartconsole",
"scope": "lt",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "r81"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "build 548"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "r80.20 build 119"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "build 94"
},
{
"model": "smartconsole",
"scope": "lt",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "r80.30"
},
{
"model": "smartconsole",
"scope": "lt",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "r80.40"
},
{
"model": "smartconsole",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "build 415"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"cve": "CVE-2020-6024",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6024",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-184149",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2020-6024",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-6024",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6024",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-6024",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-1562",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-184149",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-6024",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184149"
},
{
"db": "VULMON",
"id": "CVE-2020-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
},
{
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users. Check Point SmartConsole Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Check Point Smartconsole is a desktop application software used to manage the Check point environment by Check Point Corporation in the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "VULHUB",
"id": "VHN-184149"
},
{
"db": "VULMON",
"id": "CVE-2020-6024"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6024",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1562",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-184149",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-6024",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184149"
},
{
"db": "VULMON",
"id": "CVE-2020-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
},
{
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"id": "VAR-202101-1673",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-184149"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:51:03.707000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "sk142952",
"trust": 0.8,
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"title": "Check Point Smartconsole Repair measures for privilege escalation vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139933"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-269",
"trust": 1.1
},
{
"problemtype": "CWE-114",
"trust": 1.0
},
{
"problemtype": "Improper authority management (CWE-269) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184149"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://supportcontent.checkpoint.com/solutions?id=sk142952"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6024"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/check-point-smartconsole-privilege-escalation-34398"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/269.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-184149"
},
{
"db": "VULMON",
"id": "CVE-2020-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
},
{
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-184149"
},
{
"db": "VULMON",
"id": "CVE-2020-6024"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
},
{
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-01-20T00:00:00",
"db": "VULHUB",
"id": "VHN-184149"
},
{
"date": "2021-01-20T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6024"
},
{
"date": "2021-10-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"date": "2021-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1562"
},
{
"date": "2021-01-20T19:15:12.947000",
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-02T00:00:00",
"db": "VULHUB",
"id": "VHN-184149"
},
{
"date": "2021-02-02T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6024"
},
{
"date": "2021-10-08T09:11:00",
"db": "JVNDB",
"id": "JVNDB-2020-015676"
},
{
"date": "2021-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-1562"
},
{
"date": "2024-11-21T05:35:00.187000",
"db": "NVD",
"id": "CVE-2020-6024"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check\u00a0Point\u00a0SmartConsole\u00a0 Vulnerability in privilege management",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-015676"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-1562"
}
],
"trust": 0.6
}
}