7.2 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.8%
The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
rsa_archer_egrc | eq | 5.2 | |
rsa_archer_egrc | eq | 5.0 | |
rsa_archer_egrc | eq | 5.1 | |
rsa_archer_smartsuite | eq | 4.5 | |
rsa_archer_smartsuite | eq | 4.3 |