Cisco Bug: CSCtc86349 - SNMP does not apply interface RBAC at all
Jul 24, 2015
- Cisco Nexus 7000 Series Switches
Known Affected Releases
Symptom: Applying restrictions on which interfaces are visible using Role-Based Access Control (RBAC) should map through to SNMP access, either with an SNMPv3 user or by mapping an SNMPv1/v2c community to an RBAC role. While that mapping takes place for RBAC in general, the interface restrictions that limit which interfaces are visible in IF-MIB are not currently applied. For example, an RBAC policy of:

    role name asd
      rule 1 permit read
      interface policy deny
        permit interface Ethernet1/1
    !
    snmp-server community asd group asd

should mean that an snmpwalk of IF-MIB with the SNMP community 'asd' returns entries only for Eth1/1. It does not.

Conditions: RBAC interface restrictions do not apply to SNMP.
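An added example (not part of the Cisco bug note): a Python check that compares the IF-MIB ifDescr rows returned for a community against the interfaces its RBAC role permits, so the behaviour described above can be verified on a given release. The snmpwalk output is a constructed sample, the function names are hypothetical, and only single-interface permit lines are handled.

```python
import re

# Role definition as given in the bug note.
ROLE_CONFIG = """\
role name asd
  rule 1 permit read
  interface policy deny
    permit interface Ethernet1/1
!
snmp-server community asd group asd
"""

# Constructed sample: ifDescr rows as net-snmp's snmpwalk prints them.
# The ifIndex values and interface list are illustrative, not from a device.
SAMPLE_WALK = """\
IF-MIB::ifDescr.83886080 = STRING: mgmt0
IF-MIB::ifDescr.436207616 = STRING: Ethernet1/1
IF-MIB::ifDescr.436211712 = STRING: Ethernet1/2
"""

def norm(name):
    """Compare interface names case-insensitively, ignoring spaces."""
    return re.sub(r"\s+", "", name).lower()

def permitted_interfaces(config, role):
    """Return the role's permitted interfaces, or None if it has no deny policy."""
    in_role, deny, permits = False, False, set()
    for line in config.splitlines():
        text = line.strip()
        if not line.startswith((" ", "\t")):      # top-level line ends any role block
            in_role = text == f"role name {role}"
        elif in_role and text == "interface policy deny":
            deny = True
        elif in_role and deny and text.startswith("permit interface "):
            permits.add(norm(text[len("permit interface "):]))
    return permits if deny else None

def walked_interfaces(walk_output):
    """Map ifIndex -> ifDescr from snmpwalk text output."""
    row = re.compile(r'ifDescr\.(\d+) = STRING: "?([^"\n]+?)"?\s*$', re.M)
    return {int(i): d for i, d in row.findall(walk_output)}

def leaked_interfaces(config, role, walk_output):
    """Interfaces the community can see that the role does not permit."""
    allowed = permitted_interfaces(config, role)
    if allowed is None:                            # no restriction configured
        return []
    seen = walked_interfaces(walk_output).values()
    return sorted(d for d in seen if norm(d) not in allowed)
```

An empty result from leaked_interfaces means the walk exposed nothing beyond the role's permit list; on the constructed sample it reports Ethernet1/2 and mgmt0.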