Vulnerabilites related to service_location_protocol_project - service_location_protocol
Vulnerability from fkie_nvd
Published
2023-04-25 16:15
Modified
2024-11-21 07:57
Severity ?
Summary
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netapp | smi-s_provider | - | |
suse | manager_server | - | |
suse | linux_enterprise_server | 11 | |
suse | linux_enterprise_server | 12 | |
suse | linux_enterprise_server | 12 | |
suse | linux_enterprise_server | 15 | |
suse | linux_enterprise_server | 15 | |
vmware | esxi | * | |
service_location_protocol_project | service_location_protocol | - |
{ cisaActionDue: "2023-11-29", cisaExploitAdd: "2023-11-08", cisaRequiredAction: "Apply mitigations per vendor instructions or disable SLP service or port 427/UDP on all systems running on untrusted networks, including those directly connected to the Internet.", cisaVulnerabilityName: "Service Location Protocol (SLP) Denial-of-Service Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "4BB0FDCF-3750-44C6-AC5C-0CC2AAD14093", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:manager_server:-:*:*:*:*:*:*:*", matchCriteriaId: "A4E8CE0B-23E7-45BF-AAFB-AD12DC7EB0F0", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", matchCriteriaId: "F13F07CC-739B-465C-9184-0E9D708BD4C7", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:sap:*:*", matchCriteriaId: "5D18AA86-88AF-481B-A24F-429BF79264AB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:-:*:*", matchCriteriaId: "B1B7847D-6C17-4817-B71E-C034894B70A9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*", matchCriteriaId: "C665A768-DBDA-4197-9159-A2791E98A84F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*", matchCriteriaId: "D223DD19-0441-4EBD-9F51-5E9012434517", versionEndExcluding: "7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:service_location_protocol_project:service_location_protocol:-:*:*:*:*:*:*:*", matchCriteriaId: "64E7C090-F632-4975-9C4C-E89100088BF4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.", }, ], id: "CVE-2023-29552", lastModified: "2024-11-21T07:57:17.017", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-25T16:15:09.537", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html", }, { source: "cve@mitre.org", tags: [ "Technical Description", ], url: "https://datatracker.ietf.org/doc/html/rfc2608", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/curesec/slpload", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230426-0001/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/kb/doc/?id=000021051", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", ], url: "https://datatracker.ietf.org/doc/html/rfc2608", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/curesec/slpload", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20230426-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.suse.com/support/kb/doc/?id=000021051", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2023-29552
Vulnerability from cvelistv5
Published
2023-04-25 00:00
Modified
2024-08-02 14:14
Severity ?
EPSS score ?
Summary
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:14:38.816Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/html/rfc2608", }, { tags: [ "x_transferred", ], url: "https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp", }, { tags: [ "x_transferred", ], url: "https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html", }, { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks", }, { tags: [ "x_transferred", ], url: "https://www.suse.com/support/kb/doc/?id=000021051", }, { tags: [ "x_transferred", ], url: "https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html", }, { tags: [ "x_transferred", ], url: "https://github.com/curesec/slpload", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230426-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-26T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://datatracker.ietf.org/doc/html/rfc2608", }, { url: "https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp", }, { url: "https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html", }, { url: "https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks", }, { url: "https://www.suse.com/support/kb/doc/?id=000021051", }, { url: "https://curesec.com/blog/article/CVE-2023-29552-Service-Location-Protocol-Denial-of-Service-Amplification-Attack-212.html", }, { url: "https://github.com/curesec/slpload", }, { url: "https://security.netapp.com/advisory/ntap-20230426-0001/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-29552", datePublished: "2023-04-25T00:00:00", dateReserved: "2023-04-07T00:00:00", dateUpdated: "2024-08-02T14:14:38.816Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }