PatchSiren cyber security CVE debrief

CVE-2017-3844 Cisco CVE debrief

CVE-2017-3844 is an authenticated remote information-disclosure issue in Cisco Prime Collaboration Assurance. According to Cisco and NVD, the affected UI exporting functions could let a logged-in attacker view directory listings and download files in vulnerable releases.

Vendor: Cisco
Product: CVE-2017-3844
CVSS: MEDIUM 4.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-22
Original CVE updated: 2026-05-13
Advisory published: 2017-02-22
Advisory updated: 2026-05-13

Who should care

Administrators and security teams running Cisco Prime Collaboration Assurance 11.0, 11.1, or 11.5 should care most, especially if the product is exposed to a broad internal user base or multiple operator accounts.

Technical summary

NVD lists the vulnerability as CVSS 3.0 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N with CWE-20. The issue is limited to Cisco Prime Collaboration Assurance versions 11.0.0, 11.1.0, and 11.5.0, and Cisco notes that versions prior to 11.0 are not vulnerable. The impact described in the source corpus is disclosure of file directory listings and file downloads through exporting functions in the user interface.

Defensive priority

Medium. The issue does not appear to enable code execution or availability impact, but it can expose files to an authenticated attacker and should be remediated on any affected deployment.

Recommended defensive actions

  • Confirm whether Cisco Prime Collaboration Assurance is running version 11.0, 11.1, or 11.5.
  • Apply Cisco's remediation guidance from the vendor advisory linked in NVD.
  • Restrict access to the application UI to only trusted administrative users and networks.
  • Review authentication logs and file-access activity for unexpected browsing or downloads.
  • If sensitive files may have been exposed, assess their contents and rotate credentials or secrets stored on the system.

Evidence notes

The debrief is based on the CVE description supplied here, NVD's CVSS vector and affected CPE entries, and the Cisco vendor advisory referenced by NVD. The official record states the issue affects Cisco Prime Collaboration Assurance 11.0, 11.1, and 11.5, while earlier versions are not vulnerable.

Official resources

CVE published on 2017-02-22. NVD and Cisco vendor references identify the issue as an authenticated remote information-disclosure flaw in Cisco Prime Collaboration Assurance.