BMC SNMP Agent Default Community Name (public)

high Nessus Plugin ID 51160

Synopsis

The community name of the remote SNMP server is set to 'public'.

Description

The remote SNMP server, listening on port 8161 (probably part of BMC Patrol) has a community name set to 'public'.

An attacker may use this information to gain more knowledge about the remote host or to change the configuration of the remote system (if the default community allow such modifications).

Solution

Configure BMC patrol to disable SNMP or change the community to something hard to guess.

Plugin Details

Severity: High

ID: 51160

File Name: bmc_snmp_public.nasl

Version: Revision: 1.3

Type: remote

Family: SNMP

Published: 12/14/2010

Updated: 11/11/2016

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P