New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 3.6
Synopsis
The remote SNMP daemon is susceptible to a denial of service attack.
Description
It is possible to disable the remote SNMP daemon by sending a GETBULK request with a large value for 'max-repetitions'. A remote attacker may be able to leverage this issue to cause the daemon to consume excessive memory and CPU on the affected system while it tries unsuccessfully to process the request, thereby denying service to legitimate users.
Solution
Disable the SNMP service on the remote host if you do not use it. Otherwise, upgrade to version 5.4.1 or later if using Net-SNMP.