Sat Nov 09, 2024 2:55 pm
SNMP v1 & v2c are not particularly secure, however as SwOS doesn't support writes the worst case is information disclosure. There are other issues with SwOS - the UI uses basic digest authentication, content is not encrypted, the password is stored as hex ASCII in the configuration file.
Some mitigations can be used, e.g. restrict access via a specific management VLAN, implement network ACL elsewhere, and use a different password to that on secure devices, but you can't overcome the device limitations completely.