SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco NX-OS Vendors:   Cisco
Cisco NX-OS Nexus 5000/6000 SNMP Bug Lets Remote Users Obtain Potentially Sensitive Information
SecurityTracker Alert ID:  1030746
SecurityTracker URL:  http://securitytracker.com/id/1030746
CVE Reference:   CVE-2014-3341   (Links to External Site)
Date:  Aug 20 2014
Impact:   Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Nexus 5000/6000
Description:   A vulnerability was reported in Cisco NX-OS Nexus 5000 and 6000 Series routers. A remote user can obtain potentially sensitive information.

A remote user can send a large number of Simple Network Management Protocol (SNMP) requests to determine VLAN IDs for VLANs configured on the system.

The vendor has assigned bug ID CSCup85616 to this vulnerability.

Ehab Hussein of IOActive reported this vulnerability.

Impact:   A remote user can obtain potentially sensitive VLAN information.
Solution:   The vendor has issued a fix.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3341

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3341 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC