UCF STIG Viewer Logo

The network element must not use the default or well-known SNMP community strings public and private.


Finding ID Version Rule ID IA Controls Severity
V-3210 NET1665 SV-3210r2_rule ECSC-1 IAIA-1 IAIA-2 High
Network elements may be distributed by the vendor pre-configured with an SNMP agent using the well known SNMP community strings public for read only and private for read and write authorization. An attacker can obtain information about a network element using the read community string "public". In addition, an attacker can change a system configuration using the write community string "private".
Free Space Optics Device Security Technical Implementation Guide (STIG) 2013-03-14


Check Text ( C-3822r5_chk )
Review the network element configuration and verify if either of the SNMP community strings “public” or “private” is being used.
Fix Text (F-3235r4_fix)
Configure unique SNMP community strings replacing the default community strings.