Details
If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can then use this information to plan an attack.
Solution
To disable SNMP, run the following command from a PowerCLI command prompt while connected to the ESXi Host:
Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false
or
From a console or SSH session, run the following command:
esxcli system snmp set -e no
To configure SNMP for v3 targets, use the ‘esxcli system snmp set’ command set.
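To confirm the result after either change, the script below classifies the host's SNMP state from the text printed by esxcli system snmp get. It is an added example, not part of the original check or of VMware's tooling. It assumes that output is "Key: value" lines with Enable, Targets and V3targets fields; the function names, verdict strings and sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify ESXi SNMP state from `esxcli system snmp get` text.
# Assumption: the output is "Key: value" lines with Enable, Targets and
# V3targets fields. The SAMPLE_* values below are constructed, not captured.

# Print the trimmed value of field $1 from the text on stdin.
snmp_field() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" | sed 's/[[:space:]]*$//' | head -n 1
}

# Print one verdict for the configuration text passed as $1.
snmp_check() {
    enabled=$(printf '%s\n' "$1" | snmp_field Enable)
    targets=$(printf '%s\n' "$1" | snmp_field Targets)
    v3targets=$(printf '%s\n' "$1" | snmp_field V3targets)
    case "$enabled" in
        false) echo "DISABLED" ;;
        true)
            if [ -z "$targets$v3targets" ]; then
                # Agent is on but no trap destination is configured.
                echo "ENABLED_NO_TARGET"
            else
                # Destination must be compared with the approved collector.
                echo "ENABLED_REVIEW targets=[$targets] v3targets=[$v3targets]"
            fi ;;
        # Never report a pass when the Enable field could not be parsed.
        *) echo "UNKNOWN" ;;
    esac
}

SAMPLE_DISABLED='   Enable: false
   Port: 161
   Targets:
   V3targets:'
SAMPLE_NO_TARGET='   Enable: true
   Port: 161
   Targets:
   V3targets:'
SAMPLE_TARGET='   Enable: true
   Port: 161
   Targets: collector.example.test@162 public
   V3targets:'

# On a host: snmp_check "$(esxcli system snmp get)"
snmp_check "$SAMPLE_TARGET"
```

A DISABLED verdict matches the "not being used" case; ENABLED_REVIEW still requires a person to compare the listed destination with the approved trap receiver.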
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: VMware.
References
- 800-53|CM-6b.
- CAT|II
- CCI|CCI-000366
- Rule-ID|SV-239307r674850_rule
- STIG-ID|ESXI-67-000053
- STIG-Legacy|SV-104139
- STIG-Legacy|V-94053
- Vuln-ID|V-239307