F5Networks / f5-telemetry-streaming

F5 BIG-IP Telemetry Streaming
Apache License 2.0

SNMP community is hard coded to public #260

Open MicSkr opened 11 months ago

MicSkr commented 11 months ago

Environment

Summary

SNMP community is hard-coded to public. No way to specify SNMP community.

Good security practices include removing SNMP community strings or changing from public. https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-108 (search for "community" to understand)

Steps To Reproduce

Steps to reproduce the behavior:

  1. Submit the following declaration: Anything using the example SNMP declaration as a model https://clouddocs.f5.com/products/extensions/f5-telemetry-streaming/latest/declarations.html#querying-snmp-using-a-custom-endpoint

  2. Change SNMP community string from Public https://www.cisa.gov/news-events/news/securing-network-infrastructure-devices https://www.cisa.gov/news-events/alerts/2017/06/05/reducing-risk-snmp-abuse

  3. Observe the following error response: Any device where a custom community string has been configured does not produce SNMP.

Expected Behavior

Include a field which can specify the SNMP community

Actual Behavior

Hard-coded community string here: line 121 of lib/systemStats.js

https://github.com/F5Networks/f5-telemetry-streaming/blob/2085543cbb9df89c9949d86538207bae00d03907/src/lib/systemStats.js#L121
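As an added example (not code from f5-telemetry-streaming), the pattern the issue asks for: read the community from a `community` field of the endpoint declaration, report when it is absent or still a well-known default, and only then build the snmpwalk arguments. The declaration shape and the `community`, `host` and `path` field names, and the `REPLACE_WITH_SECRET` placeholder, are assumptions.

```javascript
// Added example, not the project's own code. The endpoint shape
// { protocol: 'snmp', host, path, community } is an assumption.
const WEAK_COMMUNITIES = new Set(['public', 'private']); // well-known defaults

// Resolve the community for one SNMP endpoint declaration.
// Returns { community, findings }; findings lists audit problems.
function resolveCommunity(endpoint) {
  const findings = [];
  let community = endpoint.community;
  if (typeof community !== 'string' || community.length === 0) {
    // No explicit value: this is the behaviour the issue reports, so
    // surface it instead of silently falling back to "public".
    community = 'public';
    findings.push('community not set in declaration; defaulting to "public"');
  }
  if (WEAK_COMMUNITIES.has(community.toLowerCase())) {
    findings.push(`community "${community}" is a well-known default`);
  }
  return { community, findings };
}

// Build the snmpwalk argument vector (SNMPv2c). -v and -c are real
// snmpwalk options; host and path come from the assumed declaration.
function buildSnmpwalkArgs(endpoint) {
  const { community, findings } = resolveCommunity(endpoint);
  const args = ['-v', '2c', '-c', community, endpoint.host || 'localhost', endpoint.path];
  return { args, findings };
}

// Audit every SNMP endpoint in an assumed declaration of the form
// { items: { <name>: endpoint, ... } }; non-SNMP endpoints are skipped.
function auditSnmpEndpoints(declaration) {
  const report = {};
  for (const [name, ep] of Object.entries(declaration.items || {})) {
    if (ep.protocol !== 'snmp') continue;
    const { findings } = resolveCommunity(ep);
    if (findings.length > 0) report[name] = findings;
  }
  return report;
}

// Constructed samples: the weak default beside the corrected declaration.
const weakEndpoint = { protocol: 'snmp', host: 'localhost', path: 'sysUpTime.0' };
const hardenedEndpoint = {
  protocol: 'snmp', host: 'localhost', path: 'sysUpTime.0', community: 'REPLACE_WITH_SECRET',
};
```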