Details
An SNMP community string permits read-only access to all objects.
Rationale:
The default community string ‘private’ is well known. Using easy to guess, well known community string poses a threat that an attacker can effortlessly gain unauthorized access to the device.
Impact:
To reduce the risk of unauthorized access, Organizations should disable default, easy to guess, settings such as the ‘private’ setting for snmp-server community.
Solution
Disable the default SNMP community string private
hostname(config)#no snmp-server community {private}
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Cisco.