Document OJSI-63 (CVE-2019-12124) vulnerability

Issue-ID: OJSI-63 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ide989877e0f2765302ad423c0b421e972b4e8046
author: Krzysztof Opasiak <k.opasiak@samsung.com> 2019-06-05 23:30:42 +0200
committer: Krzysztof Opasiak <k.opasiak@samsung.com> 2019-06-05 23:30:42 +0200
commit: f989a9e9a9d17a56e3d1322b9d1550c7e281577f (patch)
tree: 5acee44be0185d432a30989e2f2c4f75cc76ff30
parent: 185f1dced3f858f363c8442d2a37d42d7900f028 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index a6aad66f3..fa09a4e31 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -117,6 +117,7 @@ The Dublin release added the following functionality:
 
       - CVE-2019-12316 `OJSI-25 <https://jira.onap.org/browse/OJSI-25>`_ - SQL Injection in APPC
       - `OJSI-29 <https://jira.onap.org/browse/OJSI-29>`_ - Unsecured Swagger UI Interface in AAPC
+      - CVE-2019-12124 `OJSI-63 <https://jira.onap.org/browse/OJSI-63>`_ - APPC exposes Jolokia Interface which allows to read and overwrite any arbitrary file
 
 *Known Vulnerabilities in Used Modules*
author	Krzysztof Opasiak <k.opasiak@samsung.com>	2019-06-05 23:30:42 +0200
committer	Krzysztof Opasiak <k.opasiak@samsung.com>	2019-06-05 23:30:42 +0200
commit	f989a9e9a9d17a56e3d1322b9d1550c7e281577f (patch)
tree	5acee44be0185d432a30989e2f2c4f75cc76ff30
parent	185f1dced3f858f363c8442d2a37d42d7900f028 (diff)