The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Information
Published : 2014-08-19 04:16
Updated : 2017-08-28 18:34
NVD link : CVE-2014-3341
Mitre link : CVE-2014-3341
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
cisco
- nexus_5596t
- nexus_5596up
- nexus_6004x
- nexus_5000
- nexus_5020
- nexus_5020p_switch
- nexus_5672up
- nexus_6004
- nexus_5548p
- nexus_6001
- nexus_5548up
- nx-os
- nexus_5010p_switch
- nexus_56128p
- nexus_5010