NEUDORFER.TECH
OpenSLP as used in ESXi has a heap-overflow vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8.
With the workaround, CIM clients which use SLP to find CIM servers over port 427 will not be able to locate the service.
There is no requirement to reboot the ESXi host to disable/enable the service.
Solution
Details on the available PowerCLI options to disable the service are documented here.
To implement the workaround perform the following steps:
1 Log in to the ESXi hosts using an SSH session (such as PuTTY)
2 Stop the SLP service on the ESXi host with this command:
/etc/init.d/slpd stop
3 Run the following command to disable the SLP service:
esxcli network firewall ruleset set -r CIMSLP -e 0
To make this change persist across reboots:
chkconfig slpd off
To check if the change is applied across reboots:
chkconfig --list | grep slpd
output: slpd off
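
The steps above change two persistent settings: the slpd boot state and the CIMSLP firewall ruleset. The following is an added example, not part of the original post or of VMware's documentation, that reports whether both are in place. The function name slp_workaround_state is hypothetical, and the "Name / Enabled" column layout of `esxcli network firewall ruleset list` is assumed.

```shell
#!/bin/sh
# Added example: audit the OpenSLP workaround from command output.
#   $1 = text printed by: chkconfig --list
#   $2 = text printed by: esxcli network firewall ruleset list
# Assumed formats: "slpd off" rows (as shown in the post) and
# "CIMSLP true|false" rows in the esxcli ruleset listing.
slp_workaround_state() {
    boot=unknown
    fw=unknown
    # Match the name exactly so similarly named entries are ignored.
    b=$(printf '%s\n' "$1" | awk '$1 == "slpd" { print $2; exit }')
    f=$(printf '%s\n' "$2" | awk '$1 == "CIMSLP" { print $2; exit }')
    case $b in off) boot=off ;; on) boot=on ;; esac
    case $f in false) fw=closed ;; true) fw=open ;; esac
    if [ "$boot" = off ] && [ "$fw" = closed ]; then
        echo "applied"
    elif [ "$boot" = unknown ] || [ "$fw" = unknown ]; then
        # A missing row means the output could not be interpreted;
        # do not report the host as protected.
        echo "unknown boot=$boot firewall=$fw"
    else
        # One of the two settings is still in its default state.
        echo "incomplete boot=$boot firewall=$fw"
    fi
}

if command -v esxcli >/dev/null 2>&1; then
    # On an ESXi host: check the live configuration.
    slp_workaround_state "$(chkconfig --list)" \
        "$(esxcli network firewall ruleset list)"
else
    # Constructed sample: ruleset disabled, but slpd still starts at boot.
    slp_workaround_state "slpd    on" "CIMSLP    false"
fi
```

A result of "incomplete boot=on firewall=closed" is the case where the ruleset was disabled but chkconfig slpd off was skipped.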