Our application security team reported a Readable SNMP Information vulnerability in the SiteMinder Policy Server.
Diagnosis: Unauthorized users can read all SNMP information because the access password is not secure.
We need your guidance to remediate the SNMP Readable vulnerability in Policy server.
Release : Any release
Component :
- By default, the Symantec SiteMinder Policy Server uses "public" as its SNMP Community String. This causes security scanning tools such as Nessus to report that the Policy Server is susceptible to this issue.
- The solution is to change the default SNMP Community String.
To change the SNMP community string to something besides public:
Log into the Policy Server through ssh
Become root: sudo su - root
Edit the snmpd.conf file: vi /etc/snmp/snmpd.conf
Go to the end of the file
Edit the “-c” parameter to change the value from “public” to the desired community string
Save the file
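
To confirm the edit, the following added example (not part of the original article and not vendor code) scans an snmpd.conf for default community strings. It goes beyond the "-c" parameter described above and also checks the net-snmp rocommunity, rwcommunity and com2sec directives, and it flags "private" as well as "public". The function names, the sample configuration and the values in it are constructed for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Flags default SNMP community strings.
# Usage: audit_snmpd_conf /etc/snmp/snmpd.conf   (reads stdin if no file given)
# Prints "LINE: text" per offending line; returns 1 if any were found.
audit_snmpd_conf() {
    awk '
        function is_default(s) {
            gsub(/"/, "", s)                      # tolerate quoted values
            s = tolower(s)
            return (s == "public" || s == "private")
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }         # skip comments and blank lines
        {
            bad = 0
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^#/) break              # ignore trailing comments
                # "-c <community>", the parameter the article tells you to edit
                if ($i == "-c" && i < NF && is_default($(i + 1))) bad = 1
            }
            # net-snmp access directives carry the community as a positional field
            if ($1 ~ /^r[ow]community6?$/ && is_default($2)) bad = 1
            if ($1 == "com2sec" && is_default($4)) bad = 1
            if (bad) { printf "%d: %s\n", NR, $0; found = 1 }
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample configuration (not taken from a real Policy Server).
sample_conf() {
    cat <<'EOF'
# -c public in a comment must not be flagged
rocommunity Xk9example-ro 127.0.0.1
com2sec notConfigUser default public
view systemview included .1
proxy -v 1 -c public localhost:8001 .1.3.6.1.4.1.99999
EOF
}

# Demo: lines 3 and 5 of the sample are reported.
sample_conf | audit_snmpd_conf || echo "default community string(s) present"
```

Run audit_snmpd_conf against /etc/snmp/snmpd.conf before and after the edit; an exit status of 0 means no default community string remains in the file.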