Title

The network device must not use the default or well-known SNMP community strings public and private. (Cat I impact)

Discussion

Network devices may be distributed by the vendor pre-configured with an SNMP agent using the well-known SNMP community strings public for read only and private for read and write authorization. An attacker can obtain information about a network device using the read community string "public". In addition, an attacker can change a system configuration using the write community string "private".

Check Content

Review the network devices configuration and verify if either of the SNMP community strings "public" or "private" is being used. If default or well-known community strings are used for SNMP, this is a finding.

Fix Text

Configure unique SNMP community strings replacing the default community strings.

Additional Identifiers

Rule ID: SV-3210r4_rule

Vulnerability ID: V-3210

Group Title: Using default SNMP community names.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.