{"description": "Edit <tt>/etc/snmp/snmpd.conf</tt>, remove any <tt>rwuser</tt> entries.\nOnce the read write users have been removed, restart the SNMP service:\n<pre>$ sudo systemctl restart snmpd</pre>", "rationale": "Certain SNMP settings can permit users to execute system behaviors from user\nwrites to the community strings.\nThis may permit a compromised account to execute commands on a remote system.", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "there are users who can write to SNMP values", "ocil": "To ensure there are no read-write users, run the following command:\n<pre>$ sudo grep -v \"^#\" /etc/snmp/snmpd.conf| grep 'rwuser'</pre>\nThere should be no output.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[net-snmp]", "platforms": ["package[net-snmp]"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["package_net-snmp"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Ensure SNMP Read Write is disabled", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/snmp/snmp_configure_server/snmpd_no_rwusers/rule.yml", "template": null}