CVE-2014-3341

Cisco NX-OS < 7.0(3)N1(1) - VLAN Enumeration via SNMP Error Message Discrepancy

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3341. PoCs published by ehabhussein.

AI-analyzed exploit summary This PoC exploits CVE-2014-3341, an SNMP information leakage vulnerability in Cisco Nexus switches. It identifies vulnerable switches, brute-forces VLAN IDs, and extracts sensitive information such as community strings, system uptime, and VTP credentials.

Description

The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.

Exploits (1)

nomisec WORKING POC 4 stars
by ehabhussein · poc
https://github.com/ehabhussein/snmpvlan

This PoC exploits CVE-2014-3341, an SNMP information leakage vulnerability in Cisco Nexus switches. It identifies vulnerable switches, brute-forces VLAN IDs, and extracts sensitive information such as community strings, system uptime, and VTP credentials.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Cisco Nexus 5000 and 6000 series switches
No auth needed
Prerequisites: Network access to SNMP port (161/UDP) · Nmap for host discovery · TFTP server for configuration extraction
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95329
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69266
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030746

Scores

EPSS 0.0466
EPSS Percentile 90.6%

Details

CWE
CWE-200
Status published
Products (50)
cisco/nexus_5000
cisco/nexus_5010
cisco/nexus_5010p_switch
cisco/nexus_5020
cisco/nexus_5020p_switch
cisco/nexus_5548p
cisco/nexus_5548up
cisco/nexus_5596t
cisco/nexus_5596up
cisco/nexus_56128p
... and 40 more
Published Aug 19, 2014
Tracked Since Feb 18, 2026