1. Home
  2. CVE Database
  3. CVE-2012-2292
HIGH · 7.5

CVE-2012-2292

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to...

Vulnerability Description

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
EmcRsa Archer Smartsuite4.3
EmcRsa Archer Egrc5.0

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2012-2292?

CVE-2012-2292 is a vulnerability with a CVSS score of 7.5 (HIGH). The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to...

How severe is CVE-2012-2292?

CVE-2012-2292 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-2292?

Check the references section above for vendor advisories and patch information. Affected products include: Emc Rsa Archer Smartsuite, Emc Rsa Archer Egrc.