PatchSiren cyber security CVE debrief

CVE-2017-3802 Cisco CVE debrief

CVE-2017-3802 is a cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager's web interface. According to the CVE/NVD record, an unauthenticated remote attacker could trigger the issue against a user of the affected web interface. Cisco lists affected release 12.0(0.99000.9) and multiple fixed releases, and NVD scores the issue as CVSS 3.0 6.1 (Medium).

Vendor: Cisco
Product: CVE-2017-3802
CVSS: MEDIUM 6.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-26
Original CVE updated: 2026-05-13
Advisory published: 2017-01-26
Advisory updated: 2026-05-13

Who should care

Administrators and security teams responsible for Cisco Unified Communications Manager deployments, especially systems running the affected release, should treat this as a web-facing application flaw that can affect users interacting with the management interface.

Technical summary

NVD classifies the weakness as CWE-79 (Improper Neutralization of Input During Web Page Generation). The CVSS vector provided by NVD is CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, indicating network reachability, no privileges required, and a user interaction component. The impact is scoped to confidentiality and integrity, with no availability impact recorded in the vector. Cisco's advisory and NVD record identify the vulnerable Unified Communications Manager release and publish fixed release branches.

Defensive priority

Priority should be medium-high for exposed or actively used Unified Communications Manager web interfaces, because the flaw is remotely reachable and requires no authentication, but does require user interaction. Remediation should be scheduled promptly, with faster action for environments where administrators or end users routinely access the web interface.

Recommended defensive actions

Upgrade Cisco Unified Communications Manager to a fixed release listed by Cisco for this advisory.
Review web interface access paths and minimize exposure of the management interface to untrusted networks.
Apply standard XSS hardening controls in adjacent web applications and proxies, including careful input/output handling and security testing.
Monitor Cisco's advisory and internal asset inventory to confirm all affected instances are remediated.
Validate that users accessing the interface have current browser protections and security awareness guidance, since user interaction is part of the attack path.

Evidence notes

All core facts in this debrief are drawn from the supplied CVE/NVD corpus: the vulnerability type (XSS), affected product (Cisco Unified Communications Manager), attack prerequisites (unauthenticated, remote, user interaction), CWE-79 classification, CVSS 3.0 vector and score, published date, and the fixed-release list provided in the CVE description. The Cisco advisory and NVD detail page are the official reference URLs included in the source corpus.

Official resources

CVE-2017-3802 CVE record
CVE.org
CVE-2017-3802 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Source reference
[email protected]
Mitigation or vendor reference
[email protected] - Vendor Advisory

CVE published 2017-01-26T07:59:00.560Z.