BMC SNMP Agent Default Community Name (public)

High Nessus Plugin ID 51160

Synopsis

The community name of the remote SNMP server is set to 'public'.

Description

The remote SNMP server, listening on port 8161 (probably part of BMC Patrol) has a community name set to 'public'.

An attacker may use this information to gain more knowledge about the remote host or to change the configuration of the remote system (if the default community allow such modifications).

Solution

Configure BMC patrol to disable SNMP or change the community to something hard to guess.

Plugin Details

Severity: High

ID: 51160

File Name: bmc_snmp_public.nasl

Version: Revision: 1.3

Type: remote

Family: SNMP

Published: 2010/12/14

Updated: 2016/11/11

Dependencies: 11153

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C