Published: 25/04/2023 Updated: 04/05/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote malicious user to register arbitrary services. This could allow the malicious user to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netapp smi-s provider -
suse linux enterprise server 11
suse linux enterprise server 12
suse linux enterprise server 15
suse manager server -
vmware esxi
service location protocol project service location protocol -

DescriptionA flaw was found in OpenSLP Service Location Protocol (SLP) is vulnerable to a reflective denial of service amplification attack via UDP SLP allows an unauthenticated attacker to register new services without limits set by the SLP implementation By using UDP and spoofing the source address, an attacker can request the service l ...

Menu Log in ...

NVD-CWE-noinfo https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html https://datatracker.ietf.org/doc/html/rfc2608 https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks https://www.suse.com/support/kb/doc/?id=000021051 https://github.com/curesec/slpload https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html https://security.netapp.com/advisory/ntap-20230426-0001/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2023-29552 https://support.broadcom.com/external/content/SecurityAdvisories/0/22195

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-29552

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect