STIGQter: STIG Summary: WLAN Controller Security Technical Implementation Guide (STIG) Version: 6 Release: 15 Benchmark Date: 26 Apr 2019:

The network device must use different SNMP community names or groups for various levels of read and write access.

DISA Rule

SV-3043r4_rule

Vulnerability Number

V-3043

Group Title

SNMP privileged and non-privileged access.

Rule Version

NET1675

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the SNMP community strings on the network device and change them from the default values. SNMP community strings and user passwords must be unique and not match any other network device passwords. Different community strings (V1/2) or groups (V3) must be configured for various levels of read and write access.

Check Contents

Review the SNMP configuration of all managed nodes to ensure different community names (V1/2) or groups/users (V3) are configured for read-only and read-write access.

If unique community strings or accounts are not used for SNMP peers, this is a finding.

Vulnerability Number

V-3043

Documentable

False

Rule Version

NET1675

Severity Override Guidance

Review the SNMP configuration of all managed nodes to ensure different community names (V1/2) or groups/users (V3) are configured for read-only and read-write access.

If unique community strings or accounts are not used for SNMP peers, this is a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

1538

Comments