VMware {code} Community
RyszardM
Contributor

VMware ESXi 6.5 - heap-overflow vulnerability in OpenSLP service - what is the impact of disabling?

Hello, 

I've not been on this forum for a while; please let me know if my question should be in a different category.

We run a system with a VM guest on Red Hat Linux 7.9. It's on an HP host running this version of vSphere: 6.5.0.14320405.

We run software that identifies vulnerabilities, and it suggested we update the vSphere version or disable the OpenSLP service.

==> VMware ESXi: OpenSLP Heap-Overflow Remote Code Execution Vulnerability

"This vulnerability was identified because (1) the detected version of VMware ESXi, 6.5.0.14320405, is less than 6.5.0.17477841"

I would like to ask what this service is responsible for. What would be the impact of disabling it until we update our vSphere version?

Our Red Hat Linux guest runs a Progress database with file exchanges via SSH and email.

There is an article that describes how to switch the service off and only offers this clue as to what it could be used for:

Functionality Impacts:

With the workaround, CIM clients which uses SLP to find CIM servers over port #427 will not be able to locate the service.

Thanks, 

Richard