diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-05 02:08:50 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-05 02:08:50 +0200 |
commit | 904d671855e388e2c9c15c19d0c6d02c68e97884 (patch) | |
tree | 4bc8d209668cd67b719d15e1aa7678c2459d7768 | |
parent | 7fca6eedf4d67baa85fb2f112f421559c94eb73c (diff) |
Document OJSI-78 (CVE-2019-12117) vulnerability
Issue-ID: OJSI-78
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ib1c58719d3d33d47b5e237fb21deae1101940bcd
-rw-r--r-- | docs/release-notes.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 84947c6f83..c03516aadb 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -104,6 +104,7 @@ Security Notes - [`OJSI-31 <https://jira.onap.org/browse/OJSI-31>`__\ ] - Unsecured Swagger UI Interface in sdc-wfd-be - CVE-2019-12115 [`OJSI-76 <https://jira.onap.org/browse/OJSI-76>`__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution - CVE-2019-12116 [`OJSI-77 <https://jira.onap.org/browse/OJSI-77>`__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution +- CVE-2019-12117 [`OJSI-78 <https://jira.onap.org/browse/OJSI-78>`__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution *Known Vulnerabilities in Used Modules* |