CVE-2024-24915

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.

CVSS v3 6.1 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.2 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.checkpoint.com/results/sk/sk183545

Configurations

No configuration.

History

30 Jun 2025, 18:38

Type	Values Removed	Values Added
Summary		(es) Las credenciales no se borran de la memoria después de usarlas. Un usuario con permisos de administrador puede ejecutar un volcado de memoria para el proceso de SmartConsole y recuperarlas.

29 Jun 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-29 12:15

Updated : 2025-06-30 18:38

NVD link : CVE-2024-24915

Mitre link : CVE-2024-24915

CVE.ORG link : CVE-2024-24915

JSON object : View

Products Affected

No product.

CWE

CWE-316

Cleartext Storage of Sensitive Information in Memory

6.1 /10