Code Review / sdc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: d2edcee)
Document OJSI-90 vulnerability 12/89312/1
authorKrzysztof Opasiak <k.opasiak@samsung.com>
Wed, 5 Jun 2019 00:11:23 +0000 (02:11 +0200)
committerKrzysztof Opasiak <k.opasiak@samsung.com>
Wed, 5 Jun 2019 00:11:23 +0000 (02:11 +0200)
Issue-ID: OJSI-90
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I7be4019410a8f0e06ac16b5c37830f4cdd15f004

docs/release-notes.rst patch | blob | history

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index dcfe042..52dcb21 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -107,6 +107,7 @@ Security Notes
 -  CVE-2019-12117 [`OJSI-78 <https://jira.onap.org/browse/OJSI-78>`__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution
 -  CVE-2019-12118 [`OJSI-79 <https://jira.onap.org/browse/OJSI-79>`__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution
 -  CVE-2019-12119 [`OJSI-80 <https://jira.onap.org/browse/OJSI-80>`__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution
+-  [`OJSI-90 <https://jira.onap.org/browse/OJSI-90>`__\ ] - SDC exposes unprotected API for user creation
 
 *Known Vulnerabilities in Used Modules*
 
SDC Parent Project Catalog FE and BE