PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-3829 Cisco CVE debrief

CVE-2017-3829 is a cross-site scripting (XSS) flaw in the web-based management interface of Cisco Unified Communications Manager Switches. The attack is remote and unauthenticated but needs a victim to interact with attacker-controlled content, so it is rated medium severity. It should still be patched, and treated as an exposure risk wherever administrators browse the management UI, because the injected script executes in the administrator's browser session with that interface rather than on the attacker's own machine.

Vendor
Cisco
Product
Cisco Unified Communications Manager Switches
CVSS
MEDIUM 6.1
CISA KEV
Not listed in stored evidence
Original CVE published
2017-02-22
Original CVE updated
2026-05-13
Advisory published
2017-02-22
Advisory updated
2026-05-13

Who should care

Cisco Unified Communications Manager Switches administrators, teams responsible for Cisco web-based management interfaces, and security staff monitoring administrative user sessions and browser-based management portals.

Technical summary

The official record describes an unauthenticated, remote XSS issue in the device's web-based management interface. The supplied CVSS vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) reads as network-reachable (AV:N), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), scope changed (S:C, meaning the impact lands in the victim's browser rather than in the vulnerable web server itself), and low confidentiality and integrity impact with no availability impact (C:L/I:L/A:N). Successful abuse therefore depends on a user of the management interface opening attacker-controlled content, and what the attacker gains is limited to what that user's browser session can read or change.

Defensive priority

Medium. The flaw is externally reachable and unauthenticated, but it still needs user interaction and is scored 6.1/Medium in the supplied data. Prioritize remediation where administrators reach the management interface from browsers that also handle untrusted content such as mail and web links, or where the interface is reachable from broader internal networks rather than a restricted admin segment.

Recommended defensive actions

  • Upgrade affected Cisco Unified Communications Manager Switches to a fixed release listed in the CVE record or Cisco advisory.
  • Restrict network access to the web-based management interface to trusted administrative hosts and segments.
  • Review the Cisco vendor advisory for the exact affected and fixed release mapping before change windows.
  • Treat browser sessions to the management UI as sensitive: have admins reach it from hardened browsers or dedicated admin workstations, avoid opening untrusted links from the same browser profile, and review management-interface access logs for requests whose parameters carry script or HTML fragments.
  • Validate that no exposed management interface is reachable from untrusted networks.

Evidence notes

The supplied CVE description says an unauthenticated remote attacker could conduct XSS against a user of the web-based management interface of an affected Cisco Unified Communications Manager Switch. NVD metadata lists CWE-79 and the CVSS 3.0 vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N. The record also includes Cisco’s vendor advisory link and notes known affected and fixed releases. One source-detail nuance: the CVE description highlights known affected release 12.0(0.98000.280), while the NVD CPE criteria in the supplied metadata list 11.0(1.10000.10) and 11.5(1.10000.6); use Cisco’s advisory to confirm applicability for specific builds.
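Because the applicability nuance above comes down to comparing Cisco release strings, here is an added Python helper (not from the record, Cisco or PatchSiren) that normalises the major.minor(maintenance.build.rebuild) notation so an inventory can be ordered and checked against the builds quoted on this page. The train-to-first-fixed-build mapping is a parameter to be filled from Cisco's advisory, since no fixed release appears on this page, and the hostnames in the demo are constructed:

```python
"""Cisco UCM release-string helpers for checking CVE-2017-3829 applicability.

Added example for this debrief, not code from PatchSiren or Cisco. It handles
the major.minor(maintenance.build.rebuild) notation used by the affected
builds quoted in the record. The fixed releases are NOT in this record, so
the mapping of train -> first fixed build is a parameter the operator fills
in from Cisco's advisory.
"""
from __future__ import annotations

import re

# Five-component Cisco UCM build, e.g. 11.5(1.10000.6). Other notations such
# as "11.5(1)SU3" are deliberately rejected rather than silently mis-ordered.
_RELEASE_RE = re.compile(r"^\s*(\d+)\.(\d+)\((\d+)\.(\d+)\.(\d+)\)\s*$")

# Builds named as affected on this page (CVE description plus NVD CPE criteria).
KNOWN_AFFECTED = ["12.0(0.98000.280)", "11.0(1.10000.10)", "11.5(1.10000.6)"]


def parse_release(text: str) -> tuple[int, ...]:
    """Normalise a release string to a tuple that orders the way Cisco trains do."""
    match = _RELEASE_RE.match(text)
    if not match:
        raise ValueError(f"unrecognised Cisco UCM release string {text!r}")
    return tuple(int(g) for g in match.groups())


def train(text: str) -> str:
    """'11.5(1.10000.6)' -> '11.5', the major.minor train advisories key on."""
    major, minor = parse_release(text)[:2]
    return f"{major}.{minor}"


def assess(installed: str, affected: list[str],
           first_fixed_by_train: dict[str, str]) -> str:
    """Classify one installed build as 'affected', 'fixed' or 'verify'.

    Assumption (standard Cisco advisory semantics, not stated on this page):
    a build below the first fixed release in its train is affected, and a
    build at or above it is fixed. Trains with no mapping entry return
    'verify' so nobody marks a host clean without reading the advisory.
    """
    inst = parse_release(installed)
    if inst in {parse_release(a) for a in affected}:
        return "affected"
    fixed = first_fixed_by_train.get(train(installed))
    if fixed is None:
        return "verify"
    return "fixed" if inst >= parse_release(fixed) else "affected"


def inventory_report(hosts: dict[str, str],
                     first_fixed_by_train: dict[str, str]) -> dict[str, str]:
    """Map hostname -> verdict for a fleet given as {hostname: release}."""
    return {host: assess(rel, KNOWN_AFFECTED, first_fixed_by_train)
            for host, rel in hosts.items()}


if __name__ == "__main__":
    # Constructed inventory: hostnames are placeholders, builds are the ones
    # quoted in this record.
    fleet = {
        "cucm-pub-01": "11.5(1.10000.6)",
        "cucm-sub-01": "12.0(0.98000.280)",
        "cucm-sub-02": "11.0(1.10000.10)",
    }
    # Empty mapping: nothing can be declared fixed until the advisory is read.
    for host, verdict in inventory_report(fleet, {}).items():
        print(host, verdict)
    print(sorted(KNOWN_AFFECTED, key=parse_release))
```

Sorting by the parsed tuple gives 11.0(1.10000.10), 11.5(1.10000.6), 12.0(0.98000.280), which is the order in which to read the advisory's per-train fixed releases; a string sort would put the 12.0 build between the 11.x ones because of the shorter fourth component.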

Official resources

The CVE was published on 2017-02-22 and the supplied record was last modified on 2026-05-13. Cisco’s vendor advisory is referenced in the record and should be used for release-specific remediation details.