Skip to main content
Reflective Denial-of-Service (DoS) Amplification Vulnerability in Service Location Protocol SLP

Vulnerability Disclosure:

The purpose of this vulnerability disclosure is to communicate of the potential vulnerability of Supermicro products that was found externally.


The Service Location Protocol (SLP) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor.


  • CVE: CVE-2023-29552
  • Severity: High

Affected products:

Product affected is Supermicro BMC firmware running on the Blade Chassis Management Module (CMM)


  • CMM Neighbors feature using SLP will be disabled on CMM.
  • A warning will be issued if a user selects an option to enable CMM Neighbors feature.


Certain products may not be available in your region