TWSD-1595 : SNMP: SNMP host is accepting non-configured user for version 3
Review Request #1470 — Created March 27, 2026 and submitted
| Information | |
|---|---|
| bsrivalli | |
| AVX2 | |
| rel_avx_2_7_6 | |
| TWSD-1595 | |
| Reviewers | |
| ngurunathan, stevenku, wli | |
SNMPv3 is expected to allow access only to configured users, but the system responds even when an non-configured username is used, indicating a gap in user validation.
Validation logic has been enhanced to ensure that only configured SNMPv3 users are accepted. The system now rejects requests from non-configured users and returns an appropriate authentication failure response.
AN(config)#sh run snmp
snmp configuration
snmp community "public"
snmp contact ""
snmp location ""
no snmp enable traps
snmp v3user "admin" "admin1212" authNopriv
snmp ipcontrol off
snmp on defaultAN(config)#snmp host 1.1.1.1 3 array 123456789923 "admin@123" authNopriv
array user does not exist in user database of SNMP.AN(config)#snmp v3user array "admin@123" authNopriv
AN(config)#snmp host 1.1.1.1 3 array 123456789923 "admin@123" authNopriv
AN(config)#sh run snmp
snmp configuration
snmp community "public"
snmp contact ""
snmp location ""
snmp host 1.1.1.1 3 "array" "123456789923" "admin@123" authNopriv
no snmp enable traps
snmp v3user "admin" "admin1212" authNopriv
snmp v3user "array" "admin@123" authNopriv
snmp ipcontrol off
snmp on default
