Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2023-29552
HistoryApr 25, 2023 - 4:15 p.m.

CVE-2023-29552

2023-04-2516:15:09
[email protected]
web.nvd.nist.gov
252
In Wild
cve-2023-29552
service location protocol
slp
rfc 2608
unauthenticated
remote attacker
denial-of-service
udp traffic
amplification factor

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

Affected configurations

NVD
Node
netappsmi-s_providerMatch-
Node
susemanager_serverMatch-
OR
suselinux_enterprise_serverMatch11-
OR
suselinux_enterprise_serverMatch12-
OR
suselinux_enterprise_serverMatch12-sap
OR
suselinux_enterprise_serverMatch15-
OR
suselinux_enterprise_serverMatch15sap
Node
vmwareesxiRange<7.0
Node
service_location_protocol_projectservice_location_protocolMatch-

Related

broadcom 1
cvelist 1
nessus 6
githubexploit 1
thn 2
redhatcve 1
ubuntucve 1
cisa_kev 1
f5 1
attackerkb 1
impervablog 1
prion 1
nvd 1
hp 1
broadcom
broadcom
CVE-2023-29552 - Abuse of the Service Location Protocol May Lead to DoS Attacks
2023-05-19 00:00:00
cvelist
cvelist
CVE-2023-29552
2023-04-25 00:00:00
nessus
nessus
RHEL 9 : openslp (Unpatched Vulnerability)
2024-06-03 00:00:00
ESXi < 7.0 Reflected Denial of Service
2023-05-23 00:00:00
SLP Server Detection (TCP)
2006-12-07 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Netapp Smi-S Provider
2023-10-27 09:17:21
thn
thn
New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks
2023-04-25 13:26:00
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
2023-11-09 05:33:00
redhatcve
redhatcve
CVE-2023-29552
2023-04-25 16:51:31
ubuntucve
ubuntucve
CVE-2023-29552
2023-04-24 00:00:00
cisa_kev
cisa_kev
Service Location Protocol (SLP) Denial-of-Service Vulnerability
2023-11-08 00:00:00
f5
f5
K000133692 : OpenSLP vulnerability CVE-2023-29552
2023-04-28 00:00:00
attackerkb
attackerkb
CVE-2023-29552
2023-04-25 00:00:00
impervablog
impervablog
CVE-2023-29552: Abusing the SLP Protocol to Launch Massive DDoS Amplification Attacks
2023-05-04 13:19:13
prion
prion
Code injection
2023-04-25 16:15:00
nvd
nvd
CVE-2023-29552
2023-04-25 16:15:09
hp
hp
Tera2 Zero Client and Remote Workstation Card Firmware – Service Location Protocol
2024-02-23 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON
Related for CVE-2023-29552
broadcom1cvelist1nessus6githubexploit1thn2redhatcve1ubuntucve1cisa_kev1f51attackerkb1impervablog1prion1nvd1hp1