Sonarcloud identified the following security bugs in your project and, as agreed by the TSC, should be fixed within the Honolulu release. Any not finished in Honolulu must be fixed within the Istanbul release. Follow each of the URLs for details on each each bug, along with recommended fixes.

 
If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=weak-cryptography>.
 

https://sonarcloud.io/project/issues?id=onap_clamp&issues=AXBcggVOlG1iYV3Z37Vp&open=AXBcggVOlG1iYV3Z37Vp

Project: onap_aai-rest-client
Component: onap_aai-rest-client:src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 230
Effort: 5min
Creation-Date: 2018-11-21T13:11:43+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBWy9dVbAHhGQgmrNcS&open=AXBWy9dVbAHhGQgmrNcS

Project: onap_aai-model-loader
Component: onap_aai-model-loader:src/main/java/org/onap/aai/modelloader/restclient/HttpsBabelServiceClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 128
Effort: 5min
Creation-Date: 2018-06-06T16:37:53+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBXug-rg-g0c4ts1eHC&open=AXBXug-rg-g0c4ts1eHC

Project: onap_aai-cacher
Component: onap_aai-cacher:src/main/java/org/onap/aai/cacher/util/RestClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 75
Effort: 5min
Creation-Date: 2018-08-31T17:10:32+0200
URL: [-https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBTs9WmBjsJ0QHatf35&open=AXBTs9WmBjsJ0QHatf35-]

the above is in maintenance and will not be addressed

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 90
Effort: 5min
Creation-Date: 2017-05-24T19:46:59+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfwclG1iYV3Z37Vh&open=AXBcgfwclG1iYV3Z37Vh

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 115
Effort: 5min
Creation-Date: 2017-05-24T19:46:59+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfwclG1iYV3Z37Vi&open=AXBcgfwclG1iYV3Z37Vi

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthExternalClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 65
Effort: 5min
Creation-Date: 2018-01-18T23:42:01+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfw3lG1iYV3Z37Vj&open=AXBcgfw3lG1iYV3Z37Vj

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthExternalClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 97
Effort: 5min
Creation-Date: 2018-01-18T23:42:01+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfw3lG1iYV3Z37Vk&open=AXBcgfw3lG1iYV3Z37Vk

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-rest/src/main/java/org/onap/aai/restclient/OneWaySSLRestClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 69
Effort: 5min
Creation-Date: 2019-04-11T05:43:41+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggltlG1iYV3Z37Vq&open=AXBcggltlG1iYV3Z37Vq

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-rest/src/main/java/org/onap/aai/restclient/TwoWaySSLRestClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 76
Effort: 5min
Creation-Date: 2019-04-11T05:43:41+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggnllG1iYV3Z37Vs&open=AXBcggnllG1iYV3Z37Vs

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-schema-abstraction/src/main/java/org/onap/aai/schemaif/json/SecureClientHttpRequestFactory.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 64
Effort: 5min
Creation-Date: 2019-10-29T22:36:53+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggVOlG1iYV3Z37Vn&open=AXBcggVOlG1iYV3Z37Vn

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-schema-abstraction/src/main/java/org/onap/aai/schemaif/json/SecureClientHttpRequestFactory.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 86
Effort: 5min
Creation-Date: 2019-10-29T22:36:53+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggVOlG1iYV3Z37Vo&open=AXBcggVOlG1iYV3Z37Vo

Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-schema-abstraction/src/main/java/org/onap/aai/schemaif/json/SecureClientHttpRequestFactory.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 89
Effort: 5min
Creation-Date: 2019-10-29T22:36:53+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggVOlG1iYV3Z37Vp&open=AXBcggVOlG1iYV3Z37Vp