SNMPv3 without authentication or encryption
Description
Pysnmp was detected using SNMPv3 without authentication or encryption protections enabled. This can lead to sensitive information being transmitted in cleartext, which can be intercepted and exploited by attackers.
Examples
Insecure Code
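```python
from pysnmp.hlapi import UsmUserData
UsmUserData('username', None, None)  # no authKey, no privKey: nothing is authenticated or encrypted
```
Secure Code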
```python
from pysnmp.hlapi import UsmUserData, usmHMACSHAAuthProtocol, usmAesCfb128Protocol
UsmUserData('username', 'authKey', 'privKey', authProtocol=usmHMACSHAAuthProtocol, privProtocol=usmAesCfb128Protocol)
```
Remediation
Use both authentication and privacy features in SNMPv3 by setting the `authProtocol` to `usmHMACSHAAuthProtocol` and providing a strong `authKey`, and setting the `privProtocol` to `usmAesCfb128Protocol` and specifying a strong `privKey`.
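One way to audit a code base for this pattern is sketched below. It is an added example, not the rule's own implementation. It assumes keys are passed as the second and third positional arguments or as `authKey`/`privKey` keywords. The helper names and the sample source are constructed for illustration.

```python
import ast

SAMPLE = '''\
from pysnmp.hlapi import *
a = UsmUserData('username', None, None)
b = UsmUserData('username')
c = UsmUserData('username', 'authKey')
d = UsmUserData('username', authKey='authKey', privKey='privKey',
                authProtocol=usmHMACSHAAuthProtocol,
                privProtocol=usmAesCfb128Protocol)
'''  # constructed sample input; it is only parsed, never executed


def _is_missing(node):
    """A key counts as missing when it is absent or the literal None."""
    return node is None or (isinstance(node, ast.Constant) and node.value is None)


def _arg(call, position, keyword):
    """Return the AST node passed for a parameter, by name or by position."""
    by_name = [kw.value for kw in call.keywords if kw.arg == keyword]
    if by_name:
        return by_name[0]
    return call.args[position] if len(call.args) > position else None


def find_weak_usm_users(source):
    """Return (line, security_level) for each UsmUserData call lacking auth or privacy."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        name = func.id if isinstance(func, ast.Name) else getattr(func, "attr", None)
        if name != "UsmUserData":
            continue
        no_auth = _is_missing(_arg(node, 1, "authKey"))
        no_priv = _is_missing(_arg(node, 2, "privKey"))
        if no_auth:  # USM has no privacy-without-authentication level
            findings.append((node.lineno, "noAuthNoPriv"))
        elif no_priv:
            findings.append((node.lineno, "authNoPriv"))
    return sorted(findings)


if __name__ == "__main__":
    for line, level in find_weak_usm_users(SAMPLE):
        print(f"line {line}: UsmUserData configured as {level}")
```

A key supplied through a variable is treated as present, so this check only catches omitted keys and literal `None`.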
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0161 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-319 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | SNMPv3, authentication, encryption |
| OWASP | A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures |