HOMEVULNERABILITIESCVE-2008-0960
CRITICALPOC

CVE-2008-0960

CWE-287Published: June 10, 2008· Updated: Jun 16, 2026

10.0
CVSS v3.1

Official Description

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.

NVD Source

Technical Analysis

CVE-2008-0960 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

A proof-of-concept (PoC) exploit exists for CVE-2008-0960. While not yet confirmed in active campaigns, the availability of PoC code increases exploitation risk substantially.

From a weakness classification perspective (CWE-287): Authentication bypass vulnerabilities allow attackers to access protected resources without valid credentials.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorNetwork
Attack ComplexityLow
Privileges Req.
User Interaction
Scope
Impact
ConfidentialityC
IntegrityC
AvailabilityC
AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Vendors & Products

Cisco17 product(s)
catoscisco iosiosios xrnx osace 10 6504 bundle with 4 gbps throughputace 10 6509 bundle with 8 gbps throughputace 10 service moduleace 20 6504 bundle with 4gbps throughputace 20 6509 bundle with 8gbps throughputace 20 service moduleace 4710+5
ecos_sourceware1 product(s)
ecos
ingate2 product(s)
ingate firewallingate siparator
Juniper Networks2 product(s)
session and resource controlsrc pe
net-snmp1 product(s)
net snmp
sun2 product(s)
solarissunos
Source: NVD CPE · 128 total CPE entries

Exploit & PoC Resources

POC AVAILABLEProof-of-concept code exists
External links open in a new tab. Always verify in a controlled environment before use.

Official Patches & Advisories

All References (128)

Quick Facts

CVE IDCVE-2008-0960
CVSS Score10.0 / 10
SeverityCRITICAL
WeaknessCWE-287
CISA KEVNo
ExploitPOC
Affected6 vendor(s)
PublishedJun 10, 2008

Related CVEs (CWE-287)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2008-0960 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.