CVE-2012-2292

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
emcrsa_archer_smartsuite
4.3
emcrsa_archer_smartsuite
4.5
emcrsa_archer_egrc
5.0
emcrsa_archer_egrc
5.1
emcrsa_archer_egrc
5.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-02/0001.html
http://archives.neohapsis.com/archives/bugtraq/2013-02/0001.html