CVE-2002-2208 Report - Details, Severity, & Advisories
Twingate Team
•
Jan 25, 2024
CVE-2002-2208 is a high-severity vulnerability affecting the Extended Interior Gateway Routing Protocol (EIGRP) implemented in certain Cisco IOS versions and other products. This vulnerability allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, resulting in an ARP storm on the local network.
How do I know if I'm affected?
If you're using Cisco IOS versions 11.3, 12.0, 12.1, or 12.2, your system might be at risk of the vulnerability. This issue affects the Extended Interior Gateway Routing Protocol (EIGRP) and can cause a denial of service (flood) on your local network. To know if you're affected, check your Cisco IOS version and monitor your network for any unusual ARP storms or flooding caused by spoofed EIGRP neighbor announcements.
What should I do if I'm affected?
If you're affected by the vulnerability, take these steps to protect your network. First, block access to core infrastructure using access control lists (ACLs). Then, configure anti-spoofing measures like Unicast Reverse Path Forwarding (uRPF) or ACLs. Next, deploy 802.1x-based port security. Then, use static defined EIGRP neighbors. Finally, enable MD5 Neighbor Authentication.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2002-2208 vulnerability, also known as Extended Interior Gateway Routing Protocol (EIGRP) Denial of Service, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was added to the National Vulnerability Database on December 31, 2002. There is no specific due date or required action mentioned, but users are advised to follow available resources for mitigating the vulnerability, such as implementing access control lists, anti-spoofing measures, and MD5 Neighbor Authentication.
Weakness enumeration
The weakness enumeration for this vulnerability is categorized as NVD-CWE-Other, which involves a denial of service attack through spoofed EIGRP neighbor announcements.
For more details
CVE-2002-2208, a high-severity vulnerability affecting EIGRP in certain Cisco IOS versions, can cause denial of service attacks on local networks. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and affected software configurations, visit the NVD page or the links below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2002-2208 Report - Details, Severity, & Advisories
Twingate Team
•
Jan 25, 2024
CVE-2002-2208 is a high-severity vulnerability affecting the Extended Interior Gateway Routing Protocol (EIGRP) implemented in certain Cisco IOS versions and other products. This vulnerability allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, resulting in an ARP storm on the local network.
How do I know if I'm affected?
If you're using Cisco IOS versions 11.3, 12.0, 12.1, or 12.2, your system might be at risk of the vulnerability. This issue affects the Extended Interior Gateway Routing Protocol (EIGRP) and can cause a denial of service (flood) on your local network. To know if you're affected, check your Cisco IOS version and monitor your network for any unusual ARP storms or flooding caused by spoofed EIGRP neighbor announcements.
What should I do if I'm affected?
If you're affected by the vulnerability, take these steps to protect your network. First, block access to core infrastructure using access control lists (ACLs). Then, configure anti-spoofing measures like Unicast Reverse Path Forwarding (uRPF) or ACLs. Next, deploy 802.1x-based port security. Then, use static defined EIGRP neighbors. Finally, enable MD5 Neighbor Authentication.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2002-2208 vulnerability, also known as Extended Interior Gateway Routing Protocol (EIGRP) Denial of Service, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was added to the National Vulnerability Database on December 31, 2002. There is no specific due date or required action mentioned, but users are advised to follow available resources for mitigating the vulnerability, such as implementing access control lists, anti-spoofing measures, and MD5 Neighbor Authentication.
Weakness enumeration
The weakness enumeration for this vulnerability is categorized as NVD-CWE-Other, which involves a denial of service attack through spoofed EIGRP neighbor announcements.
For more details
CVE-2002-2208, a high-severity vulnerability affecting EIGRP in certain Cisco IOS versions, can cause denial of service attacks on local networks. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and affected software configurations, visit the NVD page or the links below.
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
CVE-2002-2208 Report - Details, Severity, & Advisories
Twingate Team
•
Jan 25, 2024
CVE-2002-2208 is a high-severity vulnerability affecting the Extended Interior Gateway Routing Protocol (EIGRP) implemented in certain Cisco IOS versions and other products. This vulnerability allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, resulting in an ARP storm on the local network.
How do I know if I'm affected?
If you're using Cisco IOS versions 11.3, 12.0, 12.1, or 12.2, your system might be at risk of the vulnerability. This issue affects the Extended Interior Gateway Routing Protocol (EIGRP) and can cause a denial of service (flood) on your local network. To know if you're affected, check your Cisco IOS version and monitor your network for any unusual ARP storms or flooding caused by spoofed EIGRP neighbor announcements.
What should I do if I'm affected?
If you're affected by the vulnerability, take these steps to protect your network. First, block access to core infrastructure using access control lists (ACLs). Then, configure anti-spoofing measures like Unicast Reverse Path Forwarding (uRPF) or ACLs. Next, deploy 802.1x-based port security. Then, use static defined EIGRP neighbors. Finally, enable MD5 Neighbor Authentication.
Is this in CISA’s Known Exploited Vulnerabilities Catalog?
The CVE-2002-2208 vulnerability, also known as Extended Interior Gateway Routing Protocol (EIGRP) Denial of Service, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was added to the National Vulnerability Database on December 31, 2002. There is no specific due date or required action mentioned, but users are advised to follow available resources for mitigating the vulnerability, such as implementing access control lists, anti-spoofing measures, and MD5 Neighbor Authentication.
Weakness enumeration
The weakness enumeration for this vulnerability is categorized as NVD-CWE-Other, which involves a denial of service attack through spoofed EIGRP neighbor announcements.
For more details
CVE-2002-2208, a high-severity vulnerability affecting EIGRP in certain Cisco IOS versions, can cause denial of service attacks on local networks. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and affected software configurations, visit the NVD page or the links below.