>/iSSKrSSKJr SSKJr \R "S5\R "S5S55r\R "S5\R "S5S55rg) N)issue)test_propertiesCallB508c 8URS:XaURSS5(dURSS5(a[[R"[R[R [ RRSURS5S9$gg) a**B508: Checking for insecure SNMP versions** This test is for checking for the usage of insecure SNMP version like v1, v2c Please update your code to use more secure versions of SNMP. :Example: .. code-block:: none >> Issue: [B508:snmp_insecure_version_check] The use of SNMPv1 and SNMPv2 is insecure. You should use SNMPv3 if able. Severity: Medium Confidence: High CWE: CWE-319 (https://cwe.mitre.org/data/definitions/319.html) Location: examples/snmp.py:4:4 More Info: https://bandit.readthedocs.io/en/latest/plugins/b508_snmp_insecure_version_check.html 3 # SHOULD FAIL 4 a = CommunityData('public', mpModel=0) 5 # SHOULD FAIL .. seealso:: - http://snmplabs.com/pysnmp/examples/hlapi/asyncore/sync/manager/cmdgen/snmp-versions.html - https://cwe.mitre.org/data/definitions/319.html .. versionadded:: 1.7.2 .. versionchanged:: 1.7.3 CWE information added zpysnmp.hlapi.CommunityDatampModelrzHThe use of SNMPv1 and SNMPv2 is insecure. You should use SNMPv3 if able. CommunityDataseverity confidencecwetextlinenoN) call_function_name_qualcheck_call_arg_valuebanditIssueMEDIUMHIGHrCweCLEARTEXT_TRANSMISSIONget_lineno_for_call_argcontexts \/home/james-whalen/.local/lib/python3.13/site-packages/bandit/plugins/snmp_security_check.pysnmp_insecure_version_checkr sH&&*FF  ' ' q   ) ))Q 7 7<<!;;II44166G  8 GB509c URS:XalURS:a[[R"[R[R [ RRSURS5S9$gg)aT**B509: Checking for weak cryptography** This test is for checking for the usage of insecure SNMP cryptography: v3 using noAuthNoPriv. Please update your code to use more secure versions of SNMP. For example: Instead of: `CommunityData('public', mpModel=0)` Use (Defaults to usmHMACMD5AuthProtocol and usmDESPrivProtocol `UsmUserData("securityName", "authName", "privName")` :Example: .. code-block:: none >> Issue: [B509:snmp_crypto_check] You should not use SNMPv3 without encryption. noAuthNoPriv & authNoPriv is insecure Severity: Medium CWE: CWE-319 (https://cwe.mitre.org/data/definitions/319.html) Confidence: High Location: examples/snmp.py:6:11 More Info: https://bandit.readthedocs.io/en/latest/plugins/b509_snmp_crypto_check.html 5 # SHOULD FAIL 6 insecure = UsmUserData("securityName") 7 # SHOULD FAIL .. seealso:: - http://snmplabs.com/pysnmp/examples/hlapi/asyncore/sync/manager/cmdgen/snmp-versions.html - https://cwe.mitre.org/data/definitions/319.html .. versionadded:: 1.7.2 .. versionchanged:: 1.7.3 CWE information added zpysnmp.hlapi.UsmUserDatazSYou should not use SNMPv3 without encryption. noAuthNoPriv & authNoPriv is insecure UsmUserDatar N) rcall_args_countrrrrrrrrrs rsnmp_crypto_checkr$=slP&&*DD  " "Q &<<!;;II44866}E   'Er) r bandit.corerrtestcheckstest_idrr$rrr*sm /Vf..bVf//r