Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2292

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-2292
Last Modified 06 Feb 2013 12:00:00
Published 06 Feb 2013 07:05:42
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2292

Summary

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Vulnerable Systems

Application

  • Emc Rsa Archer Egrc 5.0

  • Emc Rsa Archer Egrc 5.1

  • Emc Rsa Archer Egrc 5.2

  • Emc Rsa Archer Smartsuite 4.3

  • Emc Rsa Archer Smartsuite 4.5


References

BUGTRAQ - 20130131 ESA-2013-002: RSA Archer GRC Multiple Vulnerabilities


Last Updated: 27 May 2016 10:53:46