CVE-2014-3341
Cisco NX-OS < 7.0(3)N1(1) - VLAN Enumeration via SNMP Error Message Discrepancy
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2014-3341. PoCs published by ehabhussein.
AI-analyzed exploit summary This PoC exploits CVE-2014-3341, an SNMP information leakage vulnerability in Cisco Nexus switches. It identifies vulnerable switches, brute-forces VLAN IDs, and extracts sensitive information such as community strings, system uptime, and VTP credentials.
Description
The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.
Exploits (1)
This PoC exploits CVE-2014-3341, an SNMP information leakage vulnerability in Cisco Nexus switches. It identifies vulnerable switches, brute-forces VLAN IDs, and extracts sensitive information such as community strings, system uptime, and VTP credentials.