SNMPv2c/v1 used for F5

Vendor

F5

Description

As SNMPv2 is not very secure, Indeni will alert if it is used.

Remediation Steps

Configure SNMPv3 instead.Review https://support.f5.com/csp/article/K13625

How does this work?

This alert uses the iControl REST interface to extract SNMP configuration.

Why is this important?

Version 1 and 2 of the SNMP protocol is unencrypted. This could potentially allow an attacker to obtain valuable information about the infrastructure.

Without Indeni how would you find this?

Login to the device's web interface and click on "System" -> "SNMP" -> "Agent" -> " Access (v1, v2c)". This would show a list of configured access for SNMP version 1 and 2c.

View Source Code
single