SNMP Information Disclosure

Vulnerability Details

SNMP services are accessible with default or weak community strings, allowing unauthorized parties to query device information and potentially modify configurations.

An attacker could extract sensitive network configuration details, hardware information, running processes, and installed software. With write access, attackers could modify device configurations.

Change default SNMP community strings. Use SNMPv3 with authentication and encryption. Restrict SNMP access to authorized management stations using ACLs. Disable SNMP if not required.

• https://www.cisa.gov/news-events/alerts/2017/06/05/reducing-risk-snmp-abuse