CVE-2012-2292

EUVD-2012-2285
The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
emcrsa_archer_smartsuite
4.3
emcrsa_archer_smartsuite
4.5
emcrsa_archer_egrc
5.0
emcrsa_archer_egrc
5.1
emcrsa_archer_egrc
5.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2013-02/0001.html
http://archives.neohapsis.com/archives/bugtraq/2013-02/0001.html