vulnerability

Juniper Junos OS: 2019-01 Security Bulletin: Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability (JSA10903) (CVE-2019-0007)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Jan 10, 2019	Jan 10, 2019	Aug 11, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Jan 10, 2019

Added

Jan 10, 2019

Modified

Aug 11, 2025

Description

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.

Solution

juniper-junos-os-upgrade-latest

References

CVE-2019-0007
https://attackerkb.com/topics/CVE-2019-0007
CWE-330
JUNIPER-JSA10903

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today