UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network element must not use the default or well-known SNMP community strings public and private.


Overview

Finding ID Version Rule ID IA Controls Severity
V-3210 NET1665 SV-3210r2_rule ECSC-1 IAIA-1 IAIA-2 High
Description
Network elements may be distributed by the vendor pre-configured with an SNMP agent using the well known SNMP community strings public for read only and private for read and write authorization. An attacker can obtain information about a network element using the read community string "public". In addition, an attacker can change a system configuration using the write community string "private".
STIG Date
Firewall Security Technical Implementation Guide 2013-10-08

Details

Check Text ( C-3822r5_chk )
Review the network element configuration and verify if either of the SNMP community strings “public” or “private” is being used.
Fix Text (F-3235r4_fix)
Configure unique SNMP community strings replacing the default community strings.