Cisco IOS SNMP Community string write privileges.

low Nessus Plugin ID 109118
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote device is has a SNMP community string with write privileges.

Description

According to its configuration, the Cisco IOS on the remote device has a SNMP community string with write access. This could allow remote configuration of the device, including copying and overwriting the running-config.

Solution

Ensure this acocunt is supposed to have write access and that only the expected MIBs are enabled on the SNMP server.

Plugin Details

Severity: Low

ID: 109118

File Name: cisco_snmp_write.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 4/18/2018

Updated: 1/14/2021

Dependencies: cisco_ios_version.nasl

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version