CVE-2024-24915 | THREATINT

Description

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.

PUBLISHED Reserved 2024-02-01 | Published 2025-06-29 | Updated 2025-06-30 | Assigner checkpoint

MEDIUM: 6.1CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Problem types

The product stores sensitive information in cleartext in memory.

Product status

Check Point SmartConsole versions R81.10, R81.20, R82

affected

References

support.checkpoint.com/results/sk/sk183545

cve.org (CVE-2024-24915)

nvd.nist.gov (CVE-2024-24915)

Download JSON