B508: snmp_insecure_version
- bandit.plugins.snmp_security_check.snmp_insecure_version_check(context)[source]
B508: Checking for insecure SNMP versions
- This test is for checking for the usage of insecure SNMP version like
v1, v2c
Please update your code to use more secure versions of SNMP.
- Example:
>> Issue: [B508:snmp_insecure_version_check] The use of SNMPv1 and SNMPv2 is insecure. You should use SNMPv3 if able. Severity: Medium Confidence: High CWE: CWE-319 (https://cwe.mitre.org/data/definitions/319.html) Location: examples/snmp.py:4:4 More Info: https://bandit.readthedocs.io/en/latest/plugins/b508_snmp_insecure_version_check.html 3 # SHOULD FAIL 4 a = CommunityData('public', mpModel=0) 5 # SHOULD FAIL
See also
Added in version 1.7.2.
Changed in version 1.7.3: CWE information added