06-27-2019 12:21 PM - edited 02-21-2020 11:07 AM
Considering this gateway is not supported any longer, how can we remediate the vulnerability described below?
AS5400XM, Cisco IOS Software, 5400 Software (C5400-JK9S-M), Version 15.1(4)M6, RELEASE SOFTWARE (fc2)
Qualys vulnerability calls out the following actions (see my questions for each item):
* Disable or remove SNMPv1/2c authentication. - Can this be done without affecting the gateway? If so, how do we do this?
* Use SNMP version 3 authentication. - Can we use this with our current version?
Workaround:
* As a temporary measure, block access to SNMP services at the network perimeter. - How is this done?
* In situations where blocking or disabling SNMP is not possible, restrict all SNMP access to separate, isolated management networks that are not publicly accessible. - Again, how is this done?
* If SNMP can not be used, look into third party applications / remote services that can be a replacement for SNMP. - What are our options on this gateway given it is no longer supported by Cisco?
06-29-2019 12:01 AM
I don't think your question is in the right forum but to answer your question:
- Disable SNMP: In general, disabling SNMP should not affect the main functionality of the device aside from remote management.
- SNMPv3: You can try running the 'snmp-server group' command and see if 'v3' is an option. This will show whether v3 is supported or not. More information here: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/command/nm-snmp-cr-book/nm-snmp-cr-s5.html#wp1853214142
The workaround listed below is suggesting limiting SNMP access to the device by using a FW or filtering device that is present in front of the device.
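
An added example, not part of the thread or of Cisco's documentation: a Python check that reads saved `show running-config | include snmp-server` output and lists the SNMP lines that still need the remediation discussed above (v1/v2c communities, missing ACLs, v3 groups without authentication). The sample config, community strings, group names and ACL number are constructed.

```python
# Constructed sample, shaped like `show running-config | include snmp-server` output.
SAMPLE_CONFIG = """\
snmp-server community public RO
snmp-server community n0c-r3ad RO 10
snmp-server community n0c-wr1te view ALL RW
snmp-server group LEGACY v2c
snmp-server group NMS-V3 v3 priv access 10
snmp-server group OPEN-V3 v3 noauth
snmp-server location lab
"""

def audit_snmp(config):
    """Return (line_no, issue) tuples for SNMP settings that still need remediation."""
    findings, has_v3 = [], False
    for no, line in enumerate(config.splitlines(), 1):
        tok = line.split()
        if tok[:2] == ["snmp-server", "community"] and len(tok) >= 3:
            # Any community line means SNMPv1/v2c is answering on this device.
            mode, acl, rest = "RO", None, iter(tok[3:])
            for t in rest:
                if t in ("view", "ipv6"):
                    next(rest, None)      # skip the view name / IPv6 ACL name
                elif t.upper() in ("RO", "RW"):
                    mode = t.upper()
                else:
                    acl = t               # remaining token is the IPv4 ACL
            # The community string itself is deliberately not echoed.
            issue = f"v1/v2c community ({mode})"
            issue += f", limited by ACL {acl}" if acl else ", no ACL"
            findings.append((no, issue))
        elif tok[:2] == ["snmp-server", "group"] and len(tok) >= 4:
            name, version = tok[2], tok[3]
            if version in ("v1", "v2c"):
                findings.append((no, f"group {name} permits {version}"))
            elif version == "v3":
                has_v3 = True
                if tok[4:5] == ["noauth"]:
                    findings.append((no, f"group {name} is v3 noauth (no authentication)"))
                if "access" not in tok:
                    findings.append((no, f"group {name} has no access ACL"))
    if not has_v3:
        findings.append((0, "no SNMPv3 group configured"))
    return findings

if __name__ == "__main__":
    for no, issue in audit_snmp(SAMPLE_CONFIG):
        print(f"line {no}: {issue}")
```

An empty result means no community strings remain and every v3 group is authenticated and ACL-restricted; line 0 is used for the finding that is not tied to a config line.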