Cleartext Storage of Sensitive Information in Memory

CVE-2024-24915

Medium

6.1/10

Summary

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-316 - Cleartext Storage of Sensitive Information in Memory

The application stores sensitive information in cleartext in memory.

References

Advisory Timeline

Published Jun 29, 2025

Cleartext Storage of Sensitive Information in Memory

CVE-2024-24915

Summary

CWE-316 - Cleartext Storage of Sensitive Information in Memory

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS