HomePentest-Tools.com Logo

Cisco NX-OS Software SNMP Information Disclosure Vulnerability (Cisco-SA-20140818-CVE-2014-3341)

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

A vulnerability in the Simple Network Management Protocol (SNMP) module of Cisco NX-OS Software could allow an unauthenticated, remote attacker to access sensitive information.

Risk description

The vulnerability is due to a failure to respond to invalid requests in the same manner when specifying a VLAN ID. An attacker could exploit this vulnerability by making a large number of requests to the listening SNMP port of an affected device. A successful exploit could allow the attacker to enumerate VLANs that are configured on the affected device.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Aug 19, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available