Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability

Vulnerability

A vulnerability exists in Cisco IOS and IOS XE Software that allows an authenticated, remote attacker to poll a device using SNMPv3, despite configurations intended to block such traffic from unauthorized sources or the absence of a specified SNMPv3 username. This issue arises from how SNMPv3 configurations are saved in the startup files, potentially leading to unauthorized SNMP operations. To exploit this vulnerability, an attacker must possess valid SNMPv3 user credentials.

Impact

Exploitation enables unauthorized SNMP operations from a denied source address.

Remediation

Cisco does not plan to release a patch for this vulnerability. Users can upgrade to Cisco IOS XE Software version 17.15.3 or 17.17.1, which introduce a new SNMPv3 configuration method that avoids the vulnerability. After upgrading, administrators must reconfigure SNMPv3 using the new method. For Cisco IOS Software, no fixed release is available, but users should validate their SNMPv3 configurations to ensure they do not exceed the 255-character limit.
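
One way to run the validation mentioned above over saved configuration text, as an added example that is not from Cisco or the original page. It assumes the 255-character limit applies to each individual `snmp-server user` or `snmp-server group` line; the sample configuration, host name, user names and ACL name are constructed.

```python
import re

LIMIT = 255  # limit named in the advisory; applied per line here (assumption)

# Constructed sample configuration, not taken from a real device.
SAMPLE_CONFIG = "\n".join([
    "hostname edge-rtr-01",
    "snmp-server group NETOPS v3 priv access SNMP-MGMT",
    "snmp-server user monitor NETOPS v3 auth sha " + "A" * 40
    + " priv aes 128 " + "B" * 32 + " access SNMP-MGMT",
    "snmp-server user backup NETOPS v3 encrypted auth sha " + "C" * 120
    + " priv aes 256 " + "D" * 120 + " access SNMP-MGMT",
    "snmp-server community legacy RO 10",
    "ip access-list standard SNMP-MGMT",
    " permit 192.0.2.10",
])

# Matches SNMPv3 user and group definitions; captures the kind and the name.
V3_LINE = re.compile(r"^snmp-server\s+(user|group)\s+(\S+)\s.*\bv3\b")

def audit_snmpv3(config_text, limit=LIMIT):
    """Return one finding per SNMPv3 user/group line in config_text."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.rstrip()
        m = V3_LINE.match(line)
        if not m:
            continue
        findings.append({
            "line": lineno,
            "kind": m.group(1),
            "name": m.group(2),
            "length": len(line),
            "over_limit": len(line) > limit,
            # "access" introduces the ACL that restricts polling sources
            "has_acl": "access" in line.split(),
        })
    return findings

def at_risk(findings):
    """Lines over the limit that also carry a source-address restriction."""
    return [f for f in findings if f["over_limit"] and f["has_acl"]]

if __name__ == "__main__":
    for f in audit_snmpv3(SAMPLE_CONFIG):
        status = "OVER LIMIT" if f["over_limit"] else "ok"
        print(f'{f["line"]:>3} {f["kind"]:5} {f["name"]:8} len={f["length"]} {status}')
```

Lines reported as over the limit that also reference an ACL are the ones to shorten or reconfigure first, since they are the ones meant to restrict polling sources.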

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 8.1
impact: 0.6
exploitability: 4.9
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.