Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3022 | NET0892 | SV-3022r2_rule | Medium |
Description |
---|
SNMP information can be used to trace the network and reveal networks topology that could enable malicious users to gain access to network devices. |
STIG | Date |
---|---|
Perimeter L3 Switch Security Technical Implementation Guide - Cisco | 2017-06-27 |
Check Text ( C-3938r2_chk ) |
---|
Review the ingress filter and verify SNMP has been restricted. SNMP operates on the TCP/UDP port 161. |
Fix Text (F-3047r1_fix) |
---|
The administrator will change the router configuration to block SNMP traffic at the perimeter. |