SLP Protocol Denial-of-Service Guidance

SLP Protocol Denial-of-Service Guidance

SLP Protocol Denial-of-Service Guidance

Lenovo Security Advisory: LEN-123896

Potential Impact: Denial of Service

Severity: High

Scope of Impact: Industry-wide

CVE Identifier: CVE-2023-29552

 

Summary Description:

A UDP-based reflection amplification denial-of-service (DOS) vulnerability was reported in SLP (Service Location Protocol), a service discovery protocol that allows devices to find services within a local area network without prior configuration. By design, SLP does not enforce authentication and packets are transmitted using UDP.  This vulnerability allows a device supporting SLP to be used as a traffic generator for performing DOS attacks against other devices.  There is no fix available as this behavior is inherent to the SLP protocol. 

Lenovo ThinkSystem V3 servers do not support SLP. Other Lenovo storage, networking, and server products support SLP for device discovery on a network. If XClarity Administrator (LXCA) or other system management tools that require SLP for discovery are not in use, it is recommended to disable SLP where possible.

Mitigation Strategy for Customers (what you should do to protect yourself):

Recommended mitigations include: 

  • Disable SLP where possible. 
  • Only connect device system management interfaces to trusted, secure networks. Do not expose device system management interfaces to untrusted networks such as the internet. 
  • Use host-based and network firewalls to limit access from hosts and networks to the system management interface and from the system management interface to other hosts and networks. 
  • Limit network access to only trusted users. 
    ThinkSystem Server and Management Applications customers please note:  Lenovo ThinkSystem V3 servers do not support SLP.  

See https://lenovopress.lenovo.com/lp1260-how-to-harden-the-security-of-your-thinksystem-server for guidance on disabling SLP. 

  

For IMM users: 

Through OneCLI, SLP can be disabled with the following command: config set IMM.SLPPortControl Closed -imm <UserName>@<IMM2 IP> 

Reboot IMM2 for changes to take effect. 

  

ThinkAgile customers:  

For Nutanix software, see https://www.nutanix.com/trust/security-advisories for risk exposure, resolution and mitigations.  

For VMware software and appliances, see https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html  for risk exposure, resolution and mitigations.  

 

References:

https://www.cve.org/CVERecord?id=CVE-2023-29552 

 

Revision History:

Revision Date Description
1 2023-05-09 Initial release

For a complete list of all Lenovo Product Security Advisories, click here.

For the most up to date information, please remain current with updates and advisories from Lenovo regarding your equipment and software. The information provided in this advisory is provided on an “as is” basis without any warranty or guarantee of any kind. Lenovo reserves the right to change or update this advisory at any time.


Alias Id:LEN-123896
Document ID:PS500563
Original Publish Date:05/09/2023
Last Modified Date:05/09/2023