SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
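The length flaw described above, shown as an added C illustration (not code from Net-SNMP or any listed vendor): one comparison trusts the tag length carried in the message, the other enforces the fixed 12-octet tag that RFC 3414 defines for HMAC-MD5-96 and HMAC-SHA-96. The function names and sample bytes are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* HMAC-MD5-96 and HMAC-SHA-96 (RFC 3414) carry a 12-octet truncated tag. */
#define USM_AUTH_TAG_LEN 12

/* Flawed pattern from the advisory: the comparison length is taken from
 * the received message, so a 1-octet field is checked against 1 octet. */
int verify_tag_flawed(const unsigned char *expected,
                      const unsigned char *received, size_t received_len)
{
    return memcmp(expected, received, received_len) == 0;
}

/* Hardened pattern: reject any tag whose length is not the fixed size,
 * then compare all octets without an early exit. */
int verify_tag_fixed(const unsigned char *expected,
                     const unsigned char *received, size_t received_len)
{
    unsigned char diff = 0;
    size_t i;

    if (received_len != USM_AUTH_TAG_LEN)
        return 0;
    for (i = 0; i < USM_AUTH_TAG_LEN; i++)
        diff |= (unsigned char)(expected[i] ^ received[i]);
    return diff == 0;
}

/* Constructed sample: the tag the receiver computed for a message. */
static const unsigned char sample_expected[USM_AUTH_TAG_LEN] = {
    0x3a, 0x91, 0x0c, 0x77, 0xe2, 0x15, 0x48, 0xb0, 0x6d, 0xfa, 0x23, 0x8e
};
/* Constructed sample: a 1-octet field that happens to match octet 0. */
static const unsigned char sample_short[1] = { 0x3a };

int main(void)
{
    printf("flawed, 1-octet tag:  %d\n",
           verify_tag_flawed(sample_expected, sample_short, 1));
    printf("fixed,  1-octet tag:  %d\n",
           verify_tag_fixed(sample_expected, sample_short, 1));
    printf("fixed,  12-octet tag: %d\n",
           verify_tag_fixed(sample_expected, sample_expected, 12));
    return 0;
}
```

With the flawed check, only the first octet of the tag stands between an unauthenticated message and acceptance; the fixed check rejects the message on length alone before any octet is compared.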
Name | Vendor | Start Version | End Version |
---|---|---|---|
Catos | Cisco | 7.1.1 | 7.1.1 |
Catos | Cisco | 7.3.1 | 7.3.1 |
Catos | Cisco | 7.4.1 | 7.4.1 |
Catos | Cisco | 8.3 | 8.3 |
Cisco_ios | Cisco | 12.0 | 12.0 |
Cisco_ios | Cisco | 12.1 | 12.1 |
Cisco_ios | Cisco | 12.2 | 12.2 |
Cisco_ios | Cisco | 12.3 | 12.3 |
Cisco_ios | Cisco | 12.4 | 12.4 |
Ios | Cisco | 10.0 | 10.0 |
Ios | Cisco | 11.0 | 11.0 |
Ios | Cisco | 11.1 | 11.1 |
Ios | Cisco | 11.3 | 11.3 |
Ios | Cisco | 12.2 | 12.2 |
Ios_xr | Cisco | 2.0 | 2.0 |
Ios_xr | Cisco | 3.0 | 3.0 |
Ios_xr | Cisco | 3.2 | 3.2 |
Ios_xr | Cisco | 3.3 | 3.3 |
Ios_xr | Cisco | 3.4 | 3.4 |
Ios_xr | Cisco | 3.5 | 3.5 |
Ios_xr | Cisco | 3.6 | 3.6 |
Ios_xr | Cisco | 3.7 | 3.7 |
Nx_os | Cisco | 4.0 | 4.0 |
Nx_os | Cisco | 4.0.1 | 4.0.1 |
Nx_os | Cisco | 4.0.2 | 4.0.2 |
Ecos | Ecos_sourceware | 1.1 | 1.1 |
Ecos | Ecos_sourceware | 1.2.1 | 1.2.1 |
Ecos | Ecos_sourceware | 1.3.1 | 1.3.1 |
Ecos | Ecos_sourceware | 2.0 | 2.0 |
Net_snmp | Net-snmp | 5.0 | 5.0 |
Net_snmp | Net-snmp | 5.0.1 | 5.0.1 |
Net_snmp | Net-snmp | 5.0.2 | 5.0.2 |
Net_snmp | Net-snmp | 5.0.3 | 5.0.3 |
Net_snmp | Net-snmp | 5.0.4 | 5.0.4 |
Net_snmp | Net-snmp | 5.0.5 | 5.0.5 |
Net_snmp | Net-snmp | 5.0.6 | 5.0.6 |
Net_snmp | Net-snmp | 5.0.7 | 5.0.7 |
Net_snmp | Net-snmp | 5.0.8 | 5.0.8 |
Net_snmp | Net-snmp | 5.0.9 | 5.0.9 |
Net_snmp | Net-snmp | 5.1 | 5.1 |
Net_snmp | Net-snmp | 5.1.1 | 5.1.1 |
Net_snmp | Net-snmp | 5.1.2 | 5.1.2 |
Net_snmp | Net-snmp | 5.2 | 5.2 |
Net_snmp | Net-snmp | 5.3 | 5.3 |
Net_snmp | Net-snmp | 5.3.0.1 | 5.3.0.1 |
Net_snmp | Net-snmp | 5.4 | 5.4 |
Solaris | Sun | 10.0 | 10.0 |
Sunos | Sun | 5.10 | 5.10 |