Multiple Vendor SNMP public Community String Information Disclosure

medium Nessus Plugin ID 74091


The remote hosts leaks sensitive information when sending SNMP requests using the 'public' SNMP community string.


Nessus was able to enumerate sensitive information on the remote device by sending SNMP requests using 'public' as the SNMP community string.


Reconfigure or restrict access to the SNMP server.

Plugin Details

Severity: Medium

ID: 74091

File Name: snmp_info_disclosure.nasl

Version: Revision: 1.2

Type: remote

Family: SNMP

Published: 5/19/2014

Updated: 9/24/2015

Risk Information


Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Required KB Items: SNMP/sysDesc

Exploited by Nessus: true

Vulnerability Publication Date: 5/16/2014