PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-3810 Cisco CVE debrief

CVE-2017-3810 is a medium-severity Cisco Prime Service Catalog issue in the web framework that could let an authenticated, remote attacker perform a web URL redirect attack against a user who is already logged in to an affected system. Cisco’s advisory ties the issue to CWE-601 (Open Redirect). The affected release identified in the source corpus is 10.0_R2_tanggula, and the NVD CVSS v3.0 vector reflects network access with low attack complexity, low privileges, and user interaction required.

Vendor: Cisco
Product: CVE-2017-3810
CVSS: MEDIUM 5.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-03
Original CVE updated: 2026-05-13
Advisory published: 2017-02-03
Advisory updated: 2026-05-13

Who should care

Administrators and security teams responsible for Cisco Prime Service Catalog, especially environments running the affected 10.0(R2) base release. Any team that exposes the application to logged-in users should treat this as a user-trust and session-safety issue, even though the attacker must be authenticated and a victim must interact with the redirect.

Technical summary

The vulnerability is described as a web URL redirect flaw in Cisco Prime Service Catalog’s web framework. NVD maps it to CWE-601 and rates it 5.4 under CVSS v3.0 (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). In practical terms, an authenticated remote attacker could cause a logged-in user to be redirected to an unintended destination through the affected application’s redirect handling; the public record does not name the specific endpoint or parameter involved.

Defensive priority

Moderate. The issue requires authentication and user interaction, but it can still be used to mislead logged-in users and facilitate follow-on attacks such as phishing or session abuse. Prioritize if the product is internet-facing or widely used by internal users.

Recommended defensive actions

  • Review Cisco’s official advisory for the vendor-recommended remediation path and apply any available fix or upgrade guidance.
  • Confirm whether Cisco Prime Service Catalog 10.0_R2_tanggula or the affected 10.0(R2) base release is deployed in your environment.
  • Restrict authenticated access to the application to only trusted users and networks where possible.
  • Validate and harden redirect handling in any custom integrations or adjacent web components that rely on the same login flow.
  • Monitor for suspicious redirect patterns and unexpected post-login navigation in application logs.
  • Educate users to be cautious with unexpected redirects, especially when they occur after authentication or while a session is active.
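As an added example for the redirect-hardening and log-monitoring actions above (not code from the advisory or from Cisco’s product), the block below implements an allow-list redirect-target check that handles the usual bypass shapes (protocol-relative `//host`, backslash and triple-slash variants, `user@host` confusion, non-http schemes), and runs it over constructed access-log lines to flag 3xx responses that would leave the site. The hostname catalog.example.com and the key=value log format are assumptions.

```python
from urllib.parse import urlsplit

# Hosts a redirect is allowed to land on. Constructed for this example;
# substitute the real catalog hostname(s).
ALLOWED_HOSTS = {"catalog.example.com"}

def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """True only for a site-relative path or an http(s) URL whose host is allow-listed."""
    if not target or len(target) > 2048:
        return False
    # Whitespace and control characters make browsers and servers disagree
    # about where the scheme ends; refuse rather than guess.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in target):
        return False
    # Browsers treat "\" like "/", so "/\evil.example" is really "//evil.example".
    target = target.replace("\\", "/")
    try:
        parts = urlsplit(target)
    except ValueError:            # e.g. malformed IPv6 brackets
        return False
    if parts.scheme == "" and parts.netloc == "":
        # Relative path: exactly one leading slash. "//host" and "///host"
        # are protocol-relative in browsers and would leave the site.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False              # javascript:, data:, file:, ...
    if parts.username is not None or parts.password is not None:
        return False              # https://catalog.example.com@evil.example
    return (parts.hostname or "").lower() in allowed_hosts

# Constructed sample of a key=value access log that records the Location header.
SAMPLE_LOG = """\
2017-02-03T10:15:01Z user=alice status=302 location=/portal/home
2017-02-03T10:15:07Z user=bob status=302 location=https://catalog.example.com/portal/home
2017-02-03T10:15:09Z user=carol status=302 location=https://catalog.example.com@evil.example/
2017-02-03T10:16:40Z user=dave status=200 location=-
2017-02-03T10:17:02Z user=erin status=302 location=//evil.example/login
"""

def flag_external_redirects(log_text: str, allowed_hosts=ALLOWED_HOSTS):
    """Return (user, location) for each 3xx response whose target fails the check."""
    hits = []
    for line in log_text.splitlines():
        fields = dict(f.split("=", 1) for f in line.split()[1:] if "=" in f)
        location = fields.get("location", "")
        if fields.get("status", "").startswith("3") and not is_safe_redirect(location, allowed_hosts):
            hits.append((fields.get("user"), location))
    return hits
```

Exact host matching is deliberate: a suffix check would accept catalog.example.com.evil.example.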

Evidence notes

All claims are drawn from the supplied NVD record and Cisco-linked references. The CVE description states the issue is a web URL redirect attack against a logged-in user, and the affected release is listed as 10.0_R2_tanggula. NVD provides the CVSS vector CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N and CWE-601. Published and modified dates are taken from the CVE/NVD metadata provided in the corpus; the 2026 modified timestamp reflects record updates, not the original vulnerability date.

Official resources

The CVE was published on 2017-02-03. The source record was last modified on 2026-05-13, which should be treated as metadata update timing rather than the vulnerability’s original disclosure date.