Lucene search

[email protected]NVD:CVE-2012-2292

HistoryFeb 06, 2013 - 12:05 p.m.

CVE-2012-2292

2013-02-0612:05:42

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.6%

JSON

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Affected configurations

Nvd

Node

emcrsa_archer_smartsuiteMatch4.3

emcrsa_archer_smartsuiteMatch4.5

Node

emcrsa_archer_egrcMatch5.0

emcrsa_archer_egrcMatch5.1

emcrsa_archer_egrcMatch5.2

References

archives.neohapsis.com/archives/bugtraq/2013-02/0001.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.6%

JSON

Related for NVD:CVE-2012-2292

prion1 cvelist1 cve1 securityvulns2