STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vSphere 7.0 vCenter Security Technical Implementation Guide

V-256345

CAT II (Medium)

The vCenter server must disable SNMPv1/2 receivers.

Rule ID

SV-256345r885646_rule

STIG

VMware vSphere 7.0 vCenter Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-001967

Discussion

SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.

Check Content

From the vSphere Client, go to Host and Clusters.

Select a vCenter Server >> Configure >> Settings >> General.

Click "Edit".

On the "SNMP receivers" tab, note the presence of any enabled receiver.

If there are any enabled receivers, this is a finding.

Fix Text

From the vSphere Client, go to Host and Clusters.

Select a vCenter Server >> Configure >> Settings >> General.

Click "Edit".

On the "SNMP receivers" tab, ensure all receivers are disabled.