fkie_nvd - fkie_cve-2024-24915

fkie_cve-2024-24915

Vulnerability from fkie_nvd

Published

2025-06-29 12:15

Modified

2025-09-03 15:22

Severity ?

6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.

References

▼	URL	Tags
	cve@checkpoint.com	https://support.checkpoint.com/results/sk/sk183545	Vendor Advisory

Impacted products

Vendor	Product	Version
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.10
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r81.20
checkpoint	smartconsole	r82
checkpoint	smartconsole	r82
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build400:*:*:*:*:*:*",
              "matchCriteriaId": "4A8D932A-F264-4407-9634-440D4E33FC52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build402:*:*:*:*:*:*",
              "matchCriteriaId": "3FD3EF2A-CB25-4ED1-96AB-1D0D6B9EED08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build404:*:*:*:*:*:*",
              "matchCriteriaId": "3BF908EF-B678-4360-AA22-FF3A21ADBBD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build406:*:*:*:*:*:*",
              "matchCriteriaId": "DEEF7946-C5C5-4E73-ABC7-27EF17406A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build407:*:*:*:*:*:*",
              "matchCriteriaId": "911A64FD-04DA-4302-A18A-628FD0576A04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build409:*:*:*:*:*:*",
              "matchCriteriaId": "CB2CF53D-8CA7-484D-830F-85F0403D1F58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build410:*:*:*:*:*:*",
              "matchCriteriaId": "2334CCE9-1421-41C4-B836-F56E0E461509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build412:*:*:*:*:*:*",
              "matchCriteriaId": "CE76D114-0FB6-4AA1-9DAC-22C365BBC2B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build413:*:*:*:*:*:*",
              "matchCriteriaId": "CAC74BAA-CBE9-4E6A-8BC3-EE2BDCC74BF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build414:*:*:*:*:*:*",
              "matchCriteriaId": "CF85F114-6640-4F42-A15C-ADD2F62DB111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build416:*:*:*:*:*:*",
              "matchCriteriaId": "943F6057-DE9A-427A-A7E9-DA01C2CE3E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build417:*:*:*:*:*:*",
              "matchCriteriaId": "1DE48E6D-890D-450F-9B5A-C4D85F435D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build418:*:*:*:*:*:*",
              "matchCriteriaId": "B4A9E7A3-C2D4-423E-9868-FC24348B03FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build420:*:*:*:*:*:*",
              "matchCriteriaId": "BFDD876B-FEDE-40C5-BDC3-42F4625CA8CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build423:*:*:*:*:*:*",
              "matchCriteriaId": "21D64A56-7351-4C4C-BAE7-3681979B0617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build424:*:*:*:*:*:*",
              "matchCriteriaId": "2A857B4D-5C07-4943-A378-7F2F24CF25CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build425:*:*:*:*:*:*",
              "matchCriteriaId": "604AA11E-76A8-49C7-8E48-9AB327DC2FCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build426:*:*:*:*:*:*",
              "matchCriteriaId": "D66ACBB5-0AF3-4FE9-88E5-087BD1FFAFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build427:*:*:*:*:*:*",
              "matchCriteriaId": "20707AA5-C7B7-49AA-AA22-916A7F3D080C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build428:*:*:*:*:*:*",
              "matchCriteriaId": "5D43D7AA-17A9-4FD6-950D-88F5927EB81F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build429:*:*:*:*:*:*",
              "matchCriteriaId": "9C82E304-0595-4074-AF5C-E15B36C98E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build640:*:*:*:*:*:*",
              "matchCriteriaId": "C44125A4-590E-4900-B9AC-792D09FF202C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build641:*:*:*:*:*:*",
              "matchCriteriaId": "633F00F4-B992-44C0-8865-F5F104F424A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build645:*:*:*:*:*:*",
              "matchCriteriaId": "ACB9BBA7-F7D9-468A-8AF4-70926DB58A73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build646:*:*:*:*:*:*",
              "matchCriteriaId": "36FCAD19-496B-44F9-98A2-F47CF8BECFC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build649:*:*:*:*:*:*",
              "matchCriteriaId": "3B8FB412-D9FF-46FD-81C7-8185FAE8C4C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build651:*:*:*:*:*:*",
              "matchCriteriaId": "51B50559-BBFF-4FA1-AC37-A08F12DD6BDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build653:*:*:*:*:*:*",
              "matchCriteriaId": "0118CAB6-6FB8-4EA2-A381-5BC9AB897A02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build654:*:*:*:*:*:*",
              "matchCriteriaId": "7CE0C48D-EE95-4762-ABA1-7D2F1DFFFC90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build655:*:*:*:*:*:*",
              "matchCriteriaId": "B017667C-1FCC-4C2A-A8F1-151E86C8549A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build656:*:*:*:*:*:*",
              "matchCriteriaId": "2B0FB3C3-3401-4B1B-AA90-7CE95D2D3528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build658:*:*:*:*:*:*",
              "matchCriteriaId": "16466AAA-ACEE-4ABC-83A3-19AB78D2DC66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build659:*:*:*:*:*:*",
              "matchCriteriaId": "69696E27-2511-4139-9B8E-8D6DE794B320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build660:*:*:*:*:*:*",
              "matchCriteriaId": "012045D4-CE27-42BD-90B6-EF1C9F140E20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build661:*:*:*:*:*:*",
              "matchCriteriaId": "2979AD7A-2A1B-4E83-9619-F5234C5F16A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build663:*:*:*:*:*:*",
              "matchCriteriaId": "B1FE8774-D5CA-438D-AE77-F37FBEDFABF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1051:*:*:*:*:*:*",
              "matchCriteriaId": "18C43F28-77F7-4C3B-80E3-22922B7D91FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:checkpoint:smartconsole:r82:build1053:*:*:*:*:*:*",
              "matchCriteriaId": "ABCA63CE-3495-4137-ADF0-0A241157F613",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them."
    },
    {
      "lang": "es",
      "value": "Las credenciales no se borran de la memoria despu\u00e9s de usarlas. Un usuario con permisos de administrador puede ejecutar un volcado de memoria para el proceso de SmartConsole y recuperarlas."
    }
  ],
  "id": "CVE-2024-24915",
  "lastModified": "2025-09-03T15:22:49.070",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.2,
        "impactScore": 5.9,
        "source": "cve@checkpoint.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-06-29T12:15:22.803",
  "references": [
    {
      "source": "cve@checkpoint.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.checkpoint.com/results/sk/sk183545"
    }
  ],
  "sourceIdentifier": "cve@checkpoint.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-316"
        }
      ],
      "source": "cve@checkpoint.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-312"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2024-24915 (GCVE-0-2024-24915)

Vulnerability from cvelistv5

Published

2025-06-29 12:02

Modified

2025-06-30 13:32

Severity ?

6.1 (Medium) - CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-316 - The product stores sensitive information in cleartext in memory.