From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Thu, 30 May 2019 16:30:49 +0000 (+0200)
Subject: Document OJSI-205 (CVE-2019-12130) vulnerability
X-Git-Tag: 4.0.0~154
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F32%2F88932%2F1;p=cli.git

Document OJSI-205 (CVE-2019-12130) vulnerability

Issue-ID: OJSI-205
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Icb0cd700c8c5fbffc2f9d26c20b506445df23296
---

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 2abf3248..fbc47c22 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -26,6 +26,7 @@ Version: 3.0.0
 
 - In default deployment CLI (cli) exposes HTTP port 30260 outside of cluster. [`OJSI-129 <https://jira.onap.org/browse/OJSI-129>`_]
 - In default deployment CLI (cli) exposes HTTP port 30271 outside of cluster. [`OJSI-135 <https://jira.onap.org/browse/OJSI-135>`_]
+- CVE-2019-12130 - CLI exposes unprotected APIs/UIs on port 30271. [`OJSI-205 <https://jira.onap.org/browse/OJSI-205>`_]
 
 *Known Vulnerabilities in Used Modules*