Used by various devices and applications (including firewalls and routers) to communicate logging and management information with remote monitoring applications. Typically, SNMP agents listen on UDP port 161, asynchronous traps are received on port 162.
SNMP ports are utilised via UDP 161 for SNMP Managers communicating with SNMP Agents (i.e. polling) and UDP 162 when agents send unsolicited Traps to the SNMP Manager.
Recommended Actions
One of the key vulnerabilities of several versions of the SNMP protocol (SNMPv1 and SNMPv2) is that SNMP messages are sent across the network unencrypted, meaning that someone with a packet sniffer can read the community string in plain text. SNMPv2 introduced the Inform features which allow acknowledgement of the receipt of messages by the manager while the SNMPv3 introduced an enhanced security system that authenticates messages and ensures their privacy especially if they are forwarded through the Internet. We recommend the use of v2 or v3 SNMP as a minimum and disable SNMP v1 controls on equipment.
Reference Material
CVE.mitre.org is also another useful site and by searching their “CVE list” and typing in the Vulnerability they can help identify and mitigate the issue:
https://www.cvedetails.com/vulnerability-list/vendor_id-227/product_id-394/Snmp-Snmp.html