diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-05 23:31:54 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-05 23:31:54 +0200 |
commit | 9efc5e6ea56013249cb7d9746fa0b21916e79549 (patch) | |
tree | d296e393e71dc22aae25de723478ee29c1a4fcd8 | |
parent | f989a9e9a9d17a56e3d1322b9d1550c7e281577f (diff) |
Document OJSI-95 vulnerability
Issue-ID: OJSI-95
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ica05a626601673f672cc0be6a8c6cdcbe94323f8
-rw-r--r-- | docs/release-notes.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index fa09a4e31..4123ff95c 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -118,6 +118,7 @@ The Dublin release added the following functionality: - CVE-2019-12316 `OJSI-25 <https://jira.onap.org/browse/OJSI-25>`_ - SQL Injection in APPC - `OJSI-29 <https://jira.onap.org/browse/OJSI-29>`_ - Unsecured Swagger UI Interface in AAPC - CVE-2019-12124 `OJSI-63 <https://jira.onap.org/browse/OJSI-63>`_ - APPC exposes Jolokia Interface which allows to read and overwrite any arbitrary file + - `OJSI-95 <https://jira.onap.org/browse/OJSI-95>`_ - appc-cdt allows to impersonate any user by setting USER_ID *Known Vulnerabilities in Used Modules* |