CVE-2012-1064: XSS
First published: Wed Feb 06 2013(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC RSA Archer | =4.3 | |
| EMC RSA Archer | =4.5 | |
| EMC RSA Archer | =5.0 | |
| EMC RSA Archer | =5.1 | |
| EMC RSA Archer | =5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2012-1064?
CVE-2012-1064 is classified with a medium severity due to its potential impact on user sessions and data integrity.
How do I fix CVE-2012-1064?
To fix CVE-2012-1064, upgrade to RSA Archer SmartSuite version 5.2SP1 or later that addresses the cross-site scripting vulnerabilities.
What are the affected versions for CVE-2012-1064?
Affected versions for CVE-2012-1064 include EMC RSA Archer SmartSuite 4.x and RSA Archer GRC 5.x before version 5.2SP1.
What types of attacks are possible with CVE-2012-1064?
CVE-2012-1064 allows remote attackers to execute arbitrary web scripts or HTML through cross-site scripting attacks.
Are there any workarounds for CVE-2012-1064?
There are no official workarounds published for CVE-2012-1064, hence upgrading to a patched version is recommended.
- agent/severity
- agent/references
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/author
- vendor/emc
- canonical/emc rsa archer
- version/emc rsa archer/4.3
- version/emc rsa archer/4.5
- version/emc rsa archer/5.0
- version/emc rsa archer/5.1
- version/emc rsa archer/5.2