CCE-91931-6Platform: cpe:/o:ubuntu:ubuntu_linux:16.04 | Date: (C)2018-07-09 (M)2023-07-14 |
The Simple Network Management Protocol (SNMP) server is used to listen for SNMP commands from an SNMP management system, execute the commands or collect the information and then send results back to the requesting system.
Rationale:
The SNMP server communicates using SNMP v1, which transmits data in the clear and does not require authentication to execute commands. Unless absolutely necessary, it is recommended that the SNMP service not be used.
Fix:
Remove any start links for snmpd from /etc/rc*.d:
# rm /etc/rc*.d/S*snmpd
Parameter:
[yes/no]
Technical Mechanism:
Remove any start links for snmpd from /etc/rc*.d:
# rm /etc/rc*.d/S*snmpd
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.2 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 4.2 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H | Scope: UNCHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:46192 |