CVE-2023-29552

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html	Third Party Advisory
https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html	Exploit Third Party Advisory
https://datatracker.ietf.org/doc/html/rfc2608	Technical Description
https://github.com/curesec/slpload	Product
https://security.netapp.com/advisory/ntap-20230426-0001/	Third Party Advisory
https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp	Exploit Third Party Advisory
https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks	Third Party Advisory US Government Resource
https://www.suse.com/support/kb/doc/?id=000021051	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:suse:manager_server:-:::::::*
	cpe:2.3:o:suse:linux_enterprise_server:11:-::::::
	cpe:2.3:o:suse:linux_enterprise_server:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_server:12:-::::sap::*
	cpe:2.3:o:suse:linux_enterprise_server:15:::::-::
	cpe:2.3:o:suse:linux_enterprise_server:15:::::sap::

Configuration 3 (hide)

cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:service_location_protocol_project:service_location_protocol:-:*:*:*:*:*:*:*

History

04 May 2023, 19:07

Type	Values Removed	Values Added
CPE		cpe:2.3:o:suse:linux_enterprise_server:15:::::-:: cpe:2.3:a:netapp:smi-s_provider:-:::::::* cpe:2.3:o:suse:linux_enterprise_server:11:-:::::: cpe:2.3:o:suse:linux_enterprise_server:12:-::::sap::* cpe:2.3:a:service_location_protocol_project:service_location_protocol:-:::::::* cpe:2.3:o:suse:linux_enterprise_server:12:-:::::: cpe:2.3:o:suse:linux_enterprise_server:15:::::sap:: cpe:2.3:a:suse:manager_server:-:::::::* cpe:2.3:o:vmware:esxi::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		NVD-CWE-noinfo
References	~~(MISC) https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html -~~	(MISC) https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html - Exploit, Third Party Advisory
References	~~(MISC) https://datatracker.ietf.org/doc/html/rfc2608 -~~	(MISC) https://datatracker.ietf.org/doc/html/rfc2608 - Technical Description
References	~~(MISC) https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp -~~	(MISC) https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp - Exploit, Third Party Advisory
References	~~(MISC) https://github.com/curesec/slpload -~~	(MISC) https://github.com/curesec/slpload - Product
References	~~(MISC) https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html -~~	(MISC) https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html - Third Party Advisory
References	~~(CONFIRM) https://security.netapp.com/advisory/ntap-20230426-0001/ -~~	(CONFIRM) https://security.netapp.com/advisory/ntap-20230426-0001/ - Third Party Advisory
References	~~(MISC) https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks -~~	(MISC) https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks - Third Party Advisory, US Government Resource
References	~~(MISC) https://www.suse.com/support/kb/doc/?id=000021051 -~~	(MISC) https://www.suse.com/support/kb/doc/?id=000021051 - Third Party Advisory

26 Apr 2023, 22:15

Type	Values Removed	Values Added
References		(CONFIRM) https://security.netapp.com/advisory/ntap-20230426-0001/ -

26 Apr 2023, 14:15

Type	Values Removed	Values Added
References		(MISC) https://github.com/curesec/slpload - (MISC) https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html -

25 Apr 2023, 19:15

Type	Values Removed	Values Added
References		(MISC) https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks - (MISC) https://www.suse.com/support/kb/doc/?id=000021051 -

25 Apr 2023, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-04-25 16:15

Updated : 2024-02-04 23:37

NVD link : CVE-2023-29552

Mitre link : CVE-2023-29552

CVE.ORG link : CVE-2023-29552

JSON object : View

Products Affected

netapp

smi-s_provider

service_location_protocol_project

service_location_protocol

vmware

esxi

suse

manager_server
linux_enterprise_server

CWE

NVD-CWE-noinfo

7.5 /10