CVE-2019-0007 (GCVE-0-2019-0007)

Vulnerability from cvelistv5 – Published: 2019-01-15 21:00 – Updated: 2024-09-16 16:22
VLAI?
Summary
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.
Severity ?
9.3 (Critical)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H
CWE
  • Improper Enforcement of Message Integrity During Transmission in a Communication Channel
Assigner
References
https://kb.juniper.net/JSA10903 x_refsource_CONFIRM
http://www.securityfocus.com/bid/106564 vdb-entryx_refsource_BID
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 15.1 , < 15.1F5 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.191Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10903"
          },
          {
            "name": "106564",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106564"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "vMX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "15.1F5",
              "status": "affected",
              "version": "15.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-16T10:57:01",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA10903"
        },
        {
          "name": "106564",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106564"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 15.1F5, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA10903",
        "defect": [
          "1140895"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "When used in whole, the following workaround methods may reduce the risk of information exfiltration from the customer environment, and reduce the chance of being subjected to, or propagating D/DoS attacks against other targets.\n\nDeny incoming packets with invalid source addresses From reaching the device.\nUtilize egress filtering to prevent invalid / spoofed packets from leaving your network(s).\nEnable stateful firewall filters where possible.\nUtilize SYN-based anti-flood protection mechanisms where possible to reduce or avoid D/DoS attacks."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
          "ID": "CVE-2019-0007",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "platform": "vMX Series",
                            "version_affected": "\u003c",
                            "version_name": "15.1",
                            "version_value": "15.1F5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA10903",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA10903"
            },
            {
              "name": "106564",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106564"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 15.1F5, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA10903",
          "defect": [
            "1140895"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "When used in whole, the following workaround methods may reduce the risk of information exfiltration from the customer environment, and reduce the chance of being subjected to, or propagating D/DoS attacks against other targets.\n\nDeny incoming packets with invalid source addresses From reaching the device.\nUtilize egress filtering to prevent invalid / spoofed packets from leaving your network(s).\nEnable stateful firewall filters where possible.\nUtilize SYN-based anti-flood protection mechanisms where possible to reduce or avoid D/DoS attacks."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2019-0007",
    "datePublished": "2019-01-15T21:00:00Z",
    "dateReserved": "2018-10-11T00:00:00",
    "dateUpdated": "2024-09-16T16:22:59.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD0952C4-FFCC-4A78-ADFC-289BD6E269DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C56F5C48-BA48-4EE1-88BE-782B3CFB3B90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C56E6C3-BBB6-4853-91D9-99C7676D0CD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E0ECBD8-3D66-49DA-A557-5695159F0C06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EAA2998-A0D6-4818-9E7C-25E8099403E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52699E2B-450A-431C-81E3-DC4483C8B4F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5627740-42E3-4FB1-B8B9-0B768AFFA1EC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F72C850A-0530-4DB7-A553-7E19F82122B5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FE2089C-F341-4DC1-B76D-633BC699306D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27175D9A-CA2C-4218-8042-835E25DFCA43\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00C7FC57-8ACF-45AA-A227-7E3B350FD24F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2754C2DF-DF6E-4109-9463-38B4E0465B77\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4A26704-A6A4-4C4F-9E12-A0A0259491EF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C982A2FF-A1F9-4830-BAB6-77CFCE1F093F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"104858BD-D31D-40E0-8524-2EC311F10EAC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B557965-0040-4048-B56C-F564FF28635B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB875EBD-A3CD-4466-B2A3-39D47FF94592\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5E08E1E-0FE4-4294-9497-BBFFECA2A220\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:vmx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C4940BB-3715-4FAD-89FE-D876F957A098\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.\"}, {\"lang\": \"es\", \"value\": \"El software de la serie vMX emplea un n\\u00famero de secuencia IP ID predecible. Esto deja el sistema y a los clientes que se conectan a trav\\u00e9s del dispositivo vulnerables a una familia de ataques que depende del uso de n\\u00fameros de secuencia IP ID como su m\\u00e9todo de ataque b\\u00e1sico. Se encontr\\u00f3 el problema durante un an\\u00e1lisis de seguridad interno del producto. Las versiones afectadas son Juniper Networks Junos OS: versiones 15.1 anteriores a la 15.1F5 en la serie NFX.\"}]",
      "id": "CVE-2019-0007",
      "lastModified": "2024-11-21T04:16:02.037",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H\", \"baseScore\": 9.3, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 10.0, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-01-15T21:29:01.087",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/106564\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10903\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106564\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.juniper.net/JSA10903\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-330\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-0007\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2019-01-15T21:29:01.087\",\"lastModified\":\"2024-11-21T04:16:02.037\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series.\"},{\"lang\":\"es\",\"value\":\"El software de la serie vMX emplea un n\u00famero de secuencia IP ID predecible. Esto deja el sistema y a los clientes que se conectan a trav\u00e9s del dispositivo vulnerables a una familia de ataques que depende del uso de n\u00fameros de secuencia IP ID como su m\u00e9todo de ataque b\u00e1sico. Se encontr\u00f3 el problema durante un an\u00e1lisis de seguridad interno del producto. Las versiones afectadas son Juniper Networks Junos OS: versiones 15.1 anteriores a la 15.1F5 en la serie NFX.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD0952C4-FFCC-4A78-ADFC-289BD6E269DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C56F5C48-BA48-4EE1-88BE-782B3CFB3B90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C56E6C3-BBB6-4853-91D9-99C7676D0CD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E0ECBD8-3D66-49DA-A557-5695159F0C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAA2998-A0D6-4818-9E7C-25E8099403E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1:f5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D4ADFC5-D4B8-4A68-95D8-8ADF92C1CFE8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52699E2B-450A-431C-81E3-DC4483C8B4F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5627740-42E3-4FB1-B8B9-0B768AFFA1EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F72C850A-0530-4DB7-A553-7E19F82122B5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FE2089C-F341-4DC1-B76D-633BC699306D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27175D9A-CA2C-4218-8042-835E25DFCA43\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C7FC57-8ACF-45AA-A227-7E3B350FD24F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2754C2DF-DF6E-4109-9463-38B4E0465B77\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4A26704-A6A4-4C4F-9E12-A0A0259491EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C982A2FF-A1F9-4830-BAB6-77CFCE1F093F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"104858BD-D31D-40E0-8524-2EC311F10EAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B557965-0040-4048-B56C-F564FF28635B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB875EBD-A3CD-4466-B2A3-39D47FF94592\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5E08E1E-0FE4-4294-9497-BBFFECA2A220\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:vmx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C4940BB-3715-4FAD-89FE-D876F957A098\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/106564\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10903\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.juniper.net/JSA10903\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.