diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-05 02:12:32 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-05 02:12:32 +0200 |
commit | d2309e47a142f8a285dbdffca7b7cffe9b07d888 (patch) | |
tree | afa76c18829632cf58c0d924d7d1f8025cd48db8 /docs | |
parent | be1e1600f0a7103e538aae660ce611151ca63702 (diff) |
Document OJSI-101 vulnerability
Issue-ID: OJSI-101
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ib87725793f23876eb6df9ed6ef6dcf6acb6e36a9
Diffstat (limited to 'docs')
-rw-r--r-- | docs/release-notes.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index dafdf3c5dc..6dfb77aacb 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -109,6 +109,7 @@ Security Notes - CVE-2019-12119 [`OJSI-80 <https://jira.onap.org/browse/OJSI-80>`__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution - [`OJSI-90 <https://jira.onap.org/browse/OJSI-90>`__\ ] - SDC exposes unprotected API for user creation - [`OJSI-94 <https://jira.onap.org/browse/OJSI-94>`__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID +- [`OJSI-101 <https://jira.onap.org/browse/OJSI-101>`__\ ] - In default deployment SDC (sdc-be) exposes HTTP port 30205 outside of cluster. *Known Vulnerabilities in Used Modules* |