The default passwords and SNMP community strings of all management services have not been replaced with complex passwords.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6781	MFD02.001	SV-7003r1_rule	IAIA-1 IAIA-2	High

Description
There are many known vulnerabilities in the SNMP protocol and if the default community strings and passwords are not modified a unauthorized individual could gain control of the MFD or printer. This could lead to a denial of service or the compromise of sensitive data. The SA will ensure the default passwords and SNMP community strings of all management services are replaced with complex passwords.

Description

There are many known vulnerabilities in the SNMP protocol and if the default community strings and passwords are not modified a unauthorized individual could gain control of the MFD or printer. This could lead to a denial of service or the compromise of sensitive data. The SA will ensure the default passwords and SNMP community strings of all management services are replaced with complex passwords.

STIG	Date
Multifunction Device and Network Printers STIG	2015-06-30

Details

Check Text ( C-2966r1_chk )
The reviewer will, with assistance from SA, verify that the default passwords and SNMP community strings of all management services have not been replaced with complex passwords.

Fix Text (F-6434r1_fix)
Develop a plan to coordinate the modification of the default passwords and SNMP community strings of all management services replacing them with complex passwords. Obtain CM approval of the plan and execute the plan.