From c887b4744c9105b66f5d9bbea77f455ccd99867a Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 5 Jun 2019 23:45:38 +0200 Subject: Document OJSI-202 (CVE-2019-12127) vulnerability Issue-ID: OJSI-202 Signed-off-by: Krzysztof Opasiak Change-Id: I46d31d23309f8f34cb1a21d025aac0ff9a5b709a --- docs/release-notes.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/release-notes.rst b/docs/release-notes.rst index ae22cb25ee..3d61e73a5b 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -55,6 +55,7 @@ Summary * In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 `_] * Hard coded password used for all oom deployments [`OJSI-188 `_] +* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 `_] *Known Vulnerabilities in Used Modules* -- cgit 1.2.3-korg