From 27355fd94dac489231eef1045f9e8c3b35fb845a Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Thu, 30 May 2019 18:30:49 +0200
Subject: Document OJSI-205 (CVE-2019-12130) vulnerability

Issue-ID: OJSI-205
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Icb0cd700c8c5fbffc2f9d26c20b506445df23296
---
 docs/release-notes.rst | 1 +
 1 file changed, 1 insertion(+)

(limited to 'docs/release-notes.rst')

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 2abf3248..fbc47c22 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -26,6 +26,7 @@ Version: 3.0.0
 
 - In default deployment CLI (cli) exposes HTTP port 30260 outside of cluster. [`OJSI-129 <https://jira.onap.org/browse/OJSI-129>`_]
 - In default deployment CLI (cli) exposes HTTP port 30271 outside of cluster. [`OJSI-135 <https://jira.onap.org/browse/OJSI-135>`_]
+- CVE-2019-12130 - CLI exposes unprotected APIs/UIs on port 30271. [`OJSI-205 <https://jira.onap.org/browse/OJSI-205>`_]
 
 *Known Vulnerabilities in Used Modules*
 
-- 
cgit 1.2.3-korg