Description
Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.
CVSS breakdown
CVSS 3.1
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- checkpoint / Check Point SmartConsoleCheck Point SmartConsole versions R81.10, R81.20, R82 – Check Point SmartConsole versions R81.10, R81.20, R82