UCF STIG Viewer Logo

The network device must not use the default or well-known SNMP community strings public and private.


Finding ID Version Rule ID IA Controls Severity
V-3210 NET1665 SV-3210r4_rule High
Network devices may be distributed by the vendor pre-configured with an SNMP agent using the well-known SNMP community strings public for read only and private for read and write authorization. An attacker can obtain information about a network device using the read community string "public". In addition, an attacker can change a system configuration using the write community string "private".
WLAN Access Point (Enclave-NIPRNet Connected) Security Technical Implementation Guide (STIG) 2019-10-02


Check Text ( C-3822r7_chk )
Review the network devices configuration and verify if either of the SNMP community strings "public" or "private" is being used.

If default or well-known community strings are used for SNMP, this is a finding.
Fix Text (F-3235r4_fix)
Configure unique SNMP community strings replacing the default community strings.