StoreEver Tape Storage
cancel
Showing results for 
Search instead for 
Did you mean: 

HP MSL 2024 G3 Series Writeable SNMP Information vulnerability

 
Highlighted
Occasional Contributor

HP MSL 2024 G3 Series Writeable SNMP Information vulnerability

Hello,

how to fix writeable snmp information

Best regards,

2 REPLIES 2
Highlighted
HPE Pro

Re: HP MSL 2024 G3 Series Writeable SNMP Information vulnerability

When a new industry-wide security vulnerability is released, HPE investigates its product line to determine the impact. For impacted products, Security Bulletins will be published. These bulletins will contain impacted product versions and the resolution (patch, upgrade, or configuration change).
https://www.hpe.com/in/en/services/security-vulnerability.html 

However, do not see any such security vulnerability addressed for this HPE MSL 2024.

Request you to share the cve details regarding this vulnerability.
The severity of this vulnerability
Which application had detected this vulnerablity and the fix recommended?


To address this issue:

As SNMP is identified as the source, this can be impacted , when SNMP is enabled.
You can implement this work around - Disable SNMP from the RMI console.


* Log in to the RMI webconsole of the MSL.

* Use the Configuration > Network Management page to enable and configure SNMP (Simple Network Management Protocol), which allows applications such as HPE Systems Insight Manager  to manage the device. The device supports both SNMP configuration and SNMP traps. SNMP can only be configured with the RMI; it cannot be configured with the OCP.

* You can change:  • SNMP Enabled — Uncheck this option.
NOTE: When checked, the device can be managed by computers listed in the  SNMP Target IP Addresses field.

I work for HPE

Accept or Kudo

Highlighted
Occasional Contributor

Re: HP MSL 2024 G3 Series Writeable SNMP Information vulnerability

Hi,

Should we proceed (SNMP Disable) to know that the traps will no longer be sent to the destination snmp?

snmp.png