Document OJSI-201 (CVE-2019-12126) vulnerability

Issue-ID: OJSI-201 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I11dfa0417c20f083c06b4ad4f697061489927b08
author: Krzysztof Opasiak <k.opasiak@samsung.com> 2019-05-30 17:44:35 +0200
committer: Krzysztof Opasiak <k.opasiak@samsung.com> 2019-05-30 23:57:33 +0200
commit: bb8dea8255097e9cd306d8f02f945bfb684e469b (patch)
tree: ed5145421698d92219236478eed3b71499515609
parent: 61cf8dca87c55c8ac1e722b884125903f48b53f4 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index b3637a05..f073d0d8 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -114,6 +114,7 @@ Source code of DCAE components are released under the following repositories on
     * In default deployment DCAEGEN2 (xdcae-tca-analytics) exposes HTTP port 32010 outside of cluster. [`OJSI-161 <https://jira.onap.org/browse/OJSI-161>`_]
     * In default deployment DCAEGEN2 (dcae-redis) exposes redis port 30286 outside of cluster. [`OJSI-187 <https://jira.onap.org/browse/OJSI-187>`_]
     * In default deployment DCAEGEN2 (config-binding-service) exposes HTTP port 30415 outside of cluster. [`OJSI-195 <https://jira.onap.org/browse/OJSI-195>`_]
+    * CVE-2019-12126 - DCAE TCA exposes unprotected APIs/UIs on port 32010. [`OJSI-201 <https://jira.onap.org/browse/OJSI-201>`_]
 
 *Known Vulnerabilities in Used Modules*
author	Krzysztof Opasiak <k.opasiak@samsung.com>	2019-05-30 17:44:35 +0200
committer	Krzysztof Opasiak <k.opasiak@samsung.com>	2019-05-30 23:57:33 +0200
commit	bb8dea8255097e9cd306d8f02f945bfb684e469b (patch)
tree	ed5145421698d92219236478eed3b71499515609
parent	61cf8dca87c55c8ac1e722b884125903f48b53f4 (diff)