What is CVE-2014-3341?

CVE-2014-3341 is a vulnerability in Cisco Nexus_5000, classified under Information Disclosure. Published 2014-08-19.

Is CVE-2014-3341 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Cisco Nexus_5000

CVE-2014-3341

The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a se…

Vulnerability class: Information Disclosure

EPSS: 0.195 (95.5th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-200 — Information Disclosure

Public proof-of-concept exploits

References

psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
cisco-nxos-cve20143341-info-disc(95329) (vdb-entry, x_refsource_XF)
69266 (vdb-entry, x_refsource_BID)
20140818 Cisco NX-OS Software SNMP Information Disclosure Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1030746 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2014-3341?: CVE-2014-3341 is a vulnerability in Cisco Nexus_5000, classified under Information Disclosure. Published 2014-08-19.
Is CVE-2014-3341 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.