CVE-2002-2208 — Cisco IOS vulnerability

2 documents2 sources

Severity

7.8HIGHNVD

EPSS

6.3%

top 9.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS Extended Interior Gateway Routing Protocol

Timeline

PublishedDec 31

Latest updateApr 30

Description

Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDextended_interior_gateway_routing_protocol/extended_interior_gateway_routing_protocol1.2

▶NVDcisco/ios4 versions+3

Patches

Patch: www.cisco.com ↗Patch: www.securityfocus.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-pgf7-j693-6p7w: Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11↗2022-04-30

▶