Document OJSI-76 (CVE-2019-12115) vulnerability

author Krzysztof Opasiak <k.opasiak@samsung.com>

Wed, 5 Jun 2019 00:06:45 +0000 (02:06 +0200)

committer Krzysztof Opasiak <k.opasiak@samsung.com>

Wed, 5 Jun 2019 00:06:45 +0000 (02:06 +0200)
author Krzysztof Opasiak <k.opasiak@samsung.com>
Wed, 5 Jun 2019 00:06:45 +0000 (02:06 +0200)
committer Krzysztof Opasiak <k.opasiak@samsung.com>
Wed, 5 Jun 2019 00:06:45 +0000 (02:06 +0200)
diff --git a/docs/release-notes.rst b/docs/release-notes.rst

index 5951dbf..1cdd7f4 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -102,6 +102,7 @@ Security Notes
  *Known Security Issues*
  
  -  [`OJSI-31 <https://jira.onap.org/browse/OJSI-31>`__\ ] - Unsecured Swagger UI Interface in sdc-wfd-be
+-  CVE-2019-12115 [`OJSI-76 <https://jira.onap.org/browse/OJSI-76>`__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution
  
  *Known Vulnerabilities in Used Modules*
author	Krzysztof Opasiak <k.opasiak@samsung.com>
	Wed, 5 Jun 2019 00:06:45 +0000 (02:06 +0200)
committer	Krzysztof Opasiak <k.opasiak@samsung.com>
	Wed, 5 Jun 2019 00:06:45 +0000 (02:06 +0200)