LiveActive security incident?Get immediate response
CVE Record

CVE-1999-0517: An SNMP community name is the default (e.g.

An SNMP community name is the default (e.g. public), null, or missing.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

Many network devices ship with SNMP enabled using a default, blank, or missing community name such as "public" or "private". Anyone who can reach the device over the network can then query or, if write access is enabled, change configuration data. In business terms, it is the equivalent of leaving a management console open with a well-known password, giving outsiders insight into inventory, topology, and sometimes control.

Executive priority

Treat as a hygiene and audit item rather than an emergency patch. Prioritize any internet-exposed or DMZ devices first, then internal infrastructure. Left unresolved, it consistently appears on audit findings and creates easy reconnaissance for intruders already inside the network.

Technical view

CVE-1999-0517 covers SNMP agents configured with default community strings (commonly "public" for read, "private" for read/write), null strings, or no authentication at all. SNMPv1 and v2c transmit these community names in cleartext and rely on them as the sole access control. An attacker with UDP/161 reachability can enumerate MIB data, and where write community is default, modify device configuration. The Brocade advisory referenced in the bundle documents the issue in Fibre Channel switch products.

Likely exposure

Any SNMP-enabled asset reachable from an untrusted network segment with default, null, or missing community strings. Common on legacy switches, routers, printers, UPS units, and management appliances where SNMPv1/v2c remains enabled without hardening.

Exploitation context

Not listed in CISA KEV. No cited source in this bundle confirms active exploitation tied to this CVE ID, but default SNMP community discovery is a long-standing, well-known reconnaissance and misconfiguration finding routinely flagged by vulnerability scanners and internal audits.

Researcher notes

This is a configuration weakness, not a code-level vulnerability, so there is no patch to apply; remediation is entirely a hardening exercise. The record dates back to 1999 and remains cited in modern vendor advisories, including Brocade Security Advisory 2017-244. Sources in the bundle do not specify affected products beyond generic SNMP agents and the Brocade Fibre Channel networking line.

Mitigation direction

  • Disable SNMP on devices that do not require it for monitoring.
  • Replace default community strings with strong, unique values across all environments.
  • Migrate to SNMPv3 with authentication and encryption where the device supports it.
  • Restrict SNMP access via ACLs to known management hosts only.
  • Follow vendor guidance such as the Brocade security advisory referenced in the source bundle.
  • Segment management traffic onto a dedicated out-of-band or restricted VLAN.

Validation and detection

  • Inventory all devices with UDP/161 exposed and record configured SNMP versions.
  • Audit configurations for community strings equal to public, private, blank, or vendor defaults.
  • Run authenticated configuration checks or scanner policies that flag default community strings.
  • Verify firewall and ACL rules limit SNMP to authorized management subnets.
  • Confirm SNMPv3 users use non-default authentication and privacy protocols where deployed.
Prepared
Confidence
high
Sources
4

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-1999-0517 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
0Timeline events
0ADP providers
3Source links

CVSS and timeline data

No CVSS vectors or timeline events were available in the normalized CVE source material.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
n/an/an/aListed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.