vulnerability

Juniper Junos OS: 2019-01 Security Bulletin: Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability (JSA10903) (CVE-2019-0007)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	2019-01-10	2019-01-10	2024-11-27

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

2019-01-10

Added

2019-01-10

Modified

2024-11-27

Description

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.

Solution

juniper-junos-os-upgrade-latest

References

CVE-2019-0007
https://attackerkb.com/topics/CVE-2019-0007
JUNIPER-JSA10903

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today