CVE-2017-3845
MEDIUMCisco Prime Collaboration Assurance <11.0 - XSS
Title source: llmDescription
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: Cisco Prime Collaboration Assurance software versions 11.0, 11.1, and 11.5 are vulnerable. Cisco Prime Collaboration Assurance software versions prior to 11.0 are not vulnerable. More Information: CSCvc77783. Known Affected Releases: 11.5(0).
Scores
CVSS v3
6.1
EPSS
0.0032
EPSS Percentile
54.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (4)
cisco/prime_collaboration_assurance
cisco/prime_collaboration_assurance
cisco/prime_collaboration_assurance
n/a/Cisco Prime Collaboration Assurance
< Cisco Prime Collaboration Assurance
Timeline
Published
Feb 22, 2017
Tracked Since
Feb 18, 2026