Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3210 | NET1665 | SV-3210r2_rule | ECSC-1 IAIA-1 IAIA-2 | High |
Description |
---|
Network elements may be distributed by the vendor pre-configured with an SNMP agent using the well known SNMP community strings public for read only and private for read and write authorization. An attacker can obtain information about a network element using the read community string "public". In addition, an attacker can change a system configuration using the write community string "private". |
STIG | Date |
---|---|
Firewall Security Technical Implementation Guide - Cisco | 2013-10-08 |
Check Text ( C-3822r5_chk ) |
---|
Review the network element configuration and verify if either of the SNMP community strings “public” or “private” is being used. |
Fix Text (F-3235r4_fix) |
---|
Configure unique SNMP community strings replacing the default community strings. |