CVE-2019-0007
Summary
| CVE | CVE-2019-0007 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-01-15 21:29:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series. |
Risk And Classification
Problem Types: CWE-330
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Juniper | Junos | 15.1 | All | All | All |
| Operating System | Juniper | Junos | 15.1 | f1 | All | All |
| Operating System | Juniper | Junos | 15.1 | f2 | All | All |
| Operating System | Juniper | Junos | 15.1 | f3 | All | All |
| Operating System | Juniper | Junos | 15.1 | f4 | All | All |
| Operating System | Juniper | Junos | 15.1 | f5 | All | All |
| Operating System | Juniper | Junos | 15.1 | All | All | All |
| Operating System | Juniper | Junos | 15.1 | f1 | All | All |
| Operating System | Juniper | Junos | 15.1 | f2 | All | All |
| Operating System | Juniper | Junos | 15.1 | f3 | All | All |
| Operating System | Juniper | Junos | 15.1 | f4 | All | All |
| Operating System | Juniper | Junos | 15.1 | f5 | All | All |
| Hardware | Juniper | Mx10 | - | All | All | All |
| Hardware | Juniper | Mx10 | - | All | All | All |
| Hardware | Juniper | Mx10003 | - | All | All | All |
| Hardware | Juniper | Mx10003 | - | All | All | All |
| Hardware | Juniper | Mx10008 | - | All | All | All |
| Hardware | Juniper | Mx10008 | - | All | All | All |
| Hardware | Juniper | Mx104 | - | All | All | All |
| Hardware | Juniper | Mx104 | - | All | All | All |
| Hardware | Juniper | Mx150 | - | All | All | All |
| Hardware | Juniper | Mx150 | - | All | All | All |
| Hardware | Juniper | Mx2008 | - | All | All | All |
| Hardware | Juniper | Mx2008 | - | All | All | All |
| Hardware | Juniper | Mx2010 | - | All | All | All |
| Hardware | Juniper | Mx2010 | - | All | All | All |
| Hardware | Juniper | Mx2020 | - | All | All | All |
| Hardware | Juniper | Mx2020 | - | All | All | All |
| Hardware | Juniper | Mx204 | - | All | All | All |
| Hardware | Juniper | Mx204 | - | All | All | All |
| Hardware | Juniper | Mx240 | - | All | All | All |
| Hardware | Juniper | Mx240 | - | All | All | All |
| Hardware | Juniper | Mx40 | - | All | All | All |
| Hardware | Juniper | Mx40 | - | All | All | All |
| Hardware | Juniper | Mx480 | - | All | All | All |
| Hardware | Juniper | Mx480 | - | All | All | All |
| Hardware | Juniper | Mx5 | - | All | All | All |
| Hardware | Juniper | Mx5 | - | All | All | All |
| Hardware | Juniper | Mx80 | - | All | All | All |
| Hardware | Juniper | Mx80 | - | All | All | All |
| Hardware | Juniper | Mx960 | - | All | All | All |
| Hardware | Juniper | Mx960 | - | All | All | All |
| Hardware | Juniper | Vmx | - | All | All | All |
| Hardware | Juniper | Vmx | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Juniper Junos CVE-2019-0007 Security Weakness | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| 2019-01 Security Bulletin: Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability (CVE-2019-0007) - Juniper Networks | CONFIRM | kb.juniper.net | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.