Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2292


Vulnerability Score 7.5 7.5
CVE Id CVE-2012-2292
Last Modified 06 Feb 2013 12:00:00
Published 06 Feb 2013 07:05:42
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Vulnerable Systems


  • Emc Rsa Archer Egrc 5.0

  • Emc Rsa Archer Egrc 5.1

  • Emc Rsa Archer Egrc 5.2

  • Emc Rsa Archer Smartsuite 4.3

  • Emc Rsa Archer Smartsuite 4.5


BUGTRAQ - 20130131 ESA-2013-002: RSA Archer GRC Multiple Vulnerabilities

Last Updated: 27 May 2016 10:53:46