Lucene search

[email protected]CVE-2012-2293

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-2293

2022-10-0316:15:35

CWE-22

[email protected]

web.nvd.nist.gov

cve-2012-2293

directory traversal

emc

rsa archer

smartsuite framework

grc

nvd

vulnerability

upload

remote authenticated users

arbitrary code

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.0%

JSON

Directory traversal vulnerability in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allows remote authenticated users to upload files, and consequently execute arbitrary code, via a relative path.

Affected configurations

NVD

Node

emcrsa_archer_smartsuiteMatch4.3

emcrsa_archer_smartsuiteMatch4.5

Node

emcrsa_archer_egrcMatch5.0

emcrsa_archer_egrcMatch5.1

emcrsa_archer_egrcMatch5.2

CPENameOperatorVersion
emc:rsa_archer_smartsuiteemc rsa archer smartsuiteeq4.3
emc:rsa_archer_smartsuiteemc rsa archer smartsuiteeq4.5

CPE	Name	Operator	Version
emc:rsa_archer_smartsuite	emc rsa archer smartsuite	eq	4.3
emc:rsa_archer_smartsuite	emc rsa archer smartsuite	eq	4.5

References

archives.neohapsis.com/archives/bugtraq/2013-02/0001.html

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.0%

JSON

Related for CVE-2012-2293

prion1 cvelist1 nvd1 securityvulns2