fkie_cve-2024-24915
Vulnerability from fkie_nvd
Published
2025-06-29 12:15
Modified
2025-09-03 15:22
Summary
Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build400:*:*:*:*:*:*",
              "matchCriteriaId": "4A8D932A-F264-4407-9634-440D4E33FC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build402:*:*:*:*:*:*",
              "matchCriteriaId": "3FD3EF2A-CB25-4ED1-96AB-1D0D6B9EED08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build404:*:*:*:*:*:*",
              "matchCriteriaId": "3BF908EF-B678-4360-AA22-FF3A21ADBBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build406:*:*:*:*:*:*",
              "matchCriteriaId": "DEEF7946-C5C5-4E73-ABC7-27EF17406A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build407:*:*:*:*:*:*",
              "matchCriteriaId": "911A64FD-04DA-4302-A18A-628FD0576A04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build409:*:*:*:*:*:*",
              "matchCriteriaId": "CB2CF53D-8CA7-484D-830F-85F0403D1F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build410:*:*:*:*:*:*",
              "matchCriteriaId": "2334CCE9-1421-41C4-B836-F56E0E461509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build412:*:*:*:*:*:*",
              "matchCriteriaId": "CE76D114-0FB6-4AA1-9DAC-22C365BBC2B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build413:*:*:*:*:*:*",
              "matchCriteriaId": "CAC74BAA-CBE9-4E6A-8BC3-EE2BDCC74BF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build414:*:*:*:*:*:*",
              "matchCriteriaId": "CF85F114-6640-4F42-A15C-ADD2F62DB111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build416:*:*:*:*:*:*",
              "matchCriteriaId": "943F6057-DE9A-427A-A7E9-DA01C2CE3E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build417:*:*:*:*:*:*",
              "matchCriteriaId": "1DE48E6D-890D-450F-9B5A-C4D85F435D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build418:*:*:*:*:*:*",
              "matchCriteriaId": "B4A9E7A3-C2D4-423E-9868-FC24348B03FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build420:*:*:*:*:*:*",
              "matchCriteriaId": "BFDD876B-FEDE-40C5-BDC3-42F4625CA8CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build423:*:*:*:*:*:*",
              "matchCriteriaId": "21D64A56-7351-4C4C-BAE7-3681979B0617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build424:*:*:*:*:*:*",
              "matchCriteriaId": "2A857B4D-5C07-4943-A378-7F2F24CF25CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build425:*:*:*:*:*:*",
              "matchCriteriaId": "604AA11E-76A8-49C7-8E48-9AB327DC2FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build426:*:*:*:*:*:*",
              "matchCriteriaId": "D66ACBB5-0AF3-4FE9-88E5-087BD1FFAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build427:*:*:*:*:*:*",
              "matchCriteriaId": "20707AA5-C7B7-49AA-AA22-916A7F3D080C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build428:*:*:*:*:*:*",
              "matchCriteriaId": "5D43D7AA-17A9-4FD6-950D-88F5927EB81F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build429:*:*:*:*:*:*",
              "matchCriteriaId": "9C82E304-0595-4074-AF5C-E15B36C98E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build640:*:*:*:*:*:*",
              "matchCriteriaId": "C44125A4-590E-4900-B9AC-792D09FF202C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build641:*:*:*:*:*:*",
              "matchCriteriaId": "633F00F4-B992-44C0-8865-F5F104F424A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build645:*:*:*:*:*:*",
              "matchCriteriaId": "ACB9BBA7-F7D9-468A-8AF4-70926DB58A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build646:*:*:*:*:*:*",
              "matchCriteriaId": "36FCAD19-496B-44F9-98A2-F47CF8BECFC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build649:*:*:*:*:*:*",
              "matchCriteriaId": "3B8FB412-D9FF-46FD-81C7-8185FAE8C4C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build651:*:*:*:*:*:*",
              "matchCriteriaId": "51B50559-BBFF-4FA1-AC37-A08F12DD6BDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build653:*:*:*:*:*:*",
              "matchCriteriaId": "0118CAB6-6FB8-4EA2-A381-5BC9AB897A02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build654:*:*:*:*:*:*",
              "matchCriteriaId": "7CE0C48D-EE95-4762-ABA1-7D2F1DFFFC90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build655:*:*:*:*:*:*",
              "matchCriteriaId": "B017667C-1FCC-4C2A-A8F1-151E86C8549A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build656:*:*:*:*:*:*",
              "matchCriteriaId": "2B0FB3C3-3401-4B1B-AA90-7CE95D2D3528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build658:*:*:*:*:*:*",
              "matchCriteriaId": "16466AAA-ACEE-4ABC-83A3-19AB78D2DC66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build659:*:*:*:*:*:*",
              "matchCriteriaId": "69696E27-2511-4139-9B8E-8D6DE794B320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build660:*:*:*:*:*:*",
              "matchCriteriaId": "012045D4-CE27-42BD-90B6-EF1C9F140E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build661:*:*:*:*:*:*",
              "matchCriteriaId": "2979AD7A-2A1B-4E83-9619-F5234C5F16A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build663:*:*:*:*:*:*",
              "matchCriteriaId": "B1FE8774-D5CA-438D-AE77-F37FBEDFABF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1051:*:*:*:*:*:*",
              "matchCriteriaId": "18C43F28-77F7-4C3B-80E3-22922B7D91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1053:*:*:*:*:*:*",
              "matchCriteriaId": "ABCA63CE-3495-4137-ADF0-0A241157F613",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them."
    },
    {
      "lang": "es",
      "value": "Las credenciales no se borran de la memoria despu\u00e9s de usarlas. Un usuario con permisos de administrador puede ejecutar un volcado de memoria para el proceso de SmartConsole y recuperarlas."
    }
  ],
  "id": "CVE-2024-24915",
  "lastModified": "2025-09-03T15:22:49.070",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.2,
        "impactScore": 5.9,
        "source": "cve@checkpoint.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-06-29T12:15:22.803",
  "references": [
    {
      "source": "cve@checkpoint.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.checkpoint.com/results/sk/sk183545"
    }
  ],
  "sourceIdentifier": "cve@checkpoint.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-316"
        }
      ],
      "source": "cve@checkpoint.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…