Medium severity6.1NVD Advisory· Published Feb 22, 2017· Updated May 13, 2026

CVE-2017-3845

Description

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc77783. Known Affected Releases: 11.5(0).

Affected products

Cisco Systems, Inc./Prime Collaboration Assurance3 versions
cpe:2.3:a:cisco:prime_collaboration_assurance:11.0.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:prime_collaboration_assurance:11.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_collaboration_assurance:11.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_collaboration_assurance:11.5.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000