fkie_cve-2024-24915
Vulnerability from fkie_nvd
Published
2025-06-29 12:15
Modified
2025-09-03 15:22
Severity ?
6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.
References
| URL | Tags | ||
|---|---|---|---|
| cve@checkpoint.com | https://support.checkpoint.com/results/sk/sk183545 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build400:*:*:*:*:*:*",
"matchCriteriaId": "4A8D932A-F264-4407-9634-440D4E33FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build402:*:*:*:*:*:*",
"matchCriteriaId": "3FD3EF2A-CB25-4ED1-96AB-1D0D6B9EED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build404:*:*:*:*:*:*",
"matchCriteriaId": "3BF908EF-B678-4360-AA22-FF3A21ADBBD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build406:*:*:*:*:*:*",
"matchCriteriaId": "DEEF7946-C5C5-4E73-ABC7-27EF17406A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build407:*:*:*:*:*:*",
"matchCriteriaId": "911A64FD-04DA-4302-A18A-628FD0576A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build409:*:*:*:*:*:*",
"matchCriteriaId": "CB2CF53D-8CA7-484D-830F-85F0403D1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build410:*:*:*:*:*:*",
"matchCriteriaId": "2334CCE9-1421-41C4-B836-F56E0E461509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build412:*:*:*:*:*:*",
"matchCriteriaId": "CE76D114-0FB6-4AA1-9DAC-22C365BBC2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build413:*:*:*:*:*:*",
"matchCriteriaId": "CAC74BAA-CBE9-4E6A-8BC3-EE2BDCC74BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build414:*:*:*:*:*:*",
"matchCriteriaId": "CF85F114-6640-4F42-A15C-ADD2F62DB111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build416:*:*:*:*:*:*",
"matchCriteriaId": "943F6057-DE9A-427A-A7E9-DA01C2CE3E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build417:*:*:*:*:*:*",
"matchCriteriaId": "1DE48E6D-890D-450F-9B5A-C4D85F435D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build418:*:*:*:*:*:*",
"matchCriteriaId": "B4A9E7A3-C2D4-423E-9868-FC24348B03FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build420:*:*:*:*:*:*",
"matchCriteriaId": "BFDD876B-FEDE-40C5-BDC3-42F4625CA8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build423:*:*:*:*:*:*",
"matchCriteriaId": "21D64A56-7351-4C4C-BAE7-3681979B0617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build424:*:*:*:*:*:*",
"matchCriteriaId": "2A857B4D-5C07-4943-A378-7F2F24CF25CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build425:*:*:*:*:*:*",
"matchCriteriaId": "604AA11E-76A8-49C7-8E48-9AB327DC2FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build426:*:*:*:*:*:*",
"matchCriteriaId": "D66ACBB5-0AF3-4FE9-88E5-087BD1FFAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build427:*:*:*:*:*:*",
"matchCriteriaId": "20707AA5-C7B7-49AA-AA22-916A7F3D080C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build428:*:*:*:*:*:*",
"matchCriteriaId": "5D43D7AA-17A9-4FD6-950D-88F5927EB81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build429:*:*:*:*:*:*",
"matchCriteriaId": "9C82E304-0595-4074-AF5C-E15B36C98E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build640:*:*:*:*:*:*",
"matchCriteriaId": "C44125A4-590E-4900-B9AC-792D09FF202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build641:*:*:*:*:*:*",
"matchCriteriaId": "633F00F4-B992-44C0-8865-F5F104F424A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build645:*:*:*:*:*:*",
"matchCriteriaId": "ACB9BBA7-F7D9-468A-8AF4-70926DB58A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build646:*:*:*:*:*:*",
"matchCriteriaId": "36FCAD19-496B-44F9-98A2-F47CF8BECFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build649:*:*:*:*:*:*",
"matchCriteriaId": "3B8FB412-D9FF-46FD-81C7-8185FAE8C4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build651:*:*:*:*:*:*",
"matchCriteriaId": "51B50559-BBFF-4FA1-AC37-A08F12DD6BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build653:*:*:*:*:*:*",
"matchCriteriaId": "0118CAB6-6FB8-4EA2-A381-5BC9AB897A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build654:*:*:*:*:*:*",
"matchCriteriaId": "7CE0C48D-EE95-4762-ABA1-7D2F1DFFFC90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build655:*:*:*:*:*:*",
"matchCriteriaId": "B017667C-1FCC-4C2A-A8F1-151E86C8549A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build656:*:*:*:*:*:*",
"matchCriteriaId": "2B0FB3C3-3401-4B1B-AA90-7CE95D2D3528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build658:*:*:*:*:*:*",
"matchCriteriaId": "16466AAA-ACEE-4ABC-83A3-19AB78D2DC66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build659:*:*:*:*:*:*",
"matchCriteriaId": "69696E27-2511-4139-9B8E-8D6DE794B320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build660:*:*:*:*:*:*",
"matchCriteriaId": "012045D4-CE27-42BD-90B6-EF1C9F140E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build661:*:*:*:*:*:*",
"matchCriteriaId": "2979AD7A-2A1B-4E83-9619-F5234C5F16A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build663:*:*:*:*:*:*",
"matchCriteriaId": "B1FE8774-D5CA-438D-AE77-F37FBEDFABF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1051:*:*:*:*:*:*",
"matchCriteriaId": "18C43F28-77F7-4C3B-80E3-22922B7D91FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1053:*:*:*:*:*:*",
"matchCriteriaId": "ABCA63CE-3495-4137-ADF0-0A241157F613",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them."
},
{
"lang": "es",
"value": "Las credenciales no se borran de la memoria despu\u00e9s de usarlas. Un usuario con permisos de administrador puede ejecutar un volcado de memoria para el proceso de SmartConsole y recuperarlas."
}
],
"id": "CVE-2024-24915",
"lastModified": "2025-09-03T15:22:49.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.2,
"impactScore": 5.9,
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-29T12:15:22.803",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.checkpoint.com/results/sk/sk183545"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-316"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…