-
Bug
-
Resolution: Done
-
Highest
-
Honolulu Release
-
None
Sonarcloud identified the following security bugs in your project and, as agreed by the TSC, should be fixed within the Honolulu release. Any not finished in Honolulu must be fixed within the Istanbul release. Follow each of the URLs for details on each each bug, along with recommended fixes.
If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=weak-cryptography>.
Verification link: https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=weak-cryptography&projects=onap_ccsdk-sli
Project: onap_ccsdk-sli-plugins
Component: onap_ccsdk-sli-plugins:restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 799
Effort: 5min
Creation-Date: 2020-09-02T03:10:54+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXRMXomPGbP8YrkH20qb&open=AXRMXomPGbP8YrkH20qb
Project: onap_ccsdk-sli-plugins
Component: onap_ccsdk-sli-plugins:restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 926
Effort: 5min
Creation-Date: 2017-09-19T12:20:12+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBV2xhaxaa8ZqXQ2bHi&open=AXBV2xhaxaa8ZqXQ2bHi
Project: onap_ccsdk-sli-plugins
Component: onap_ccsdk-sli-plugins:restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 177
Effort: 5min
Creation-Date: 2018-10-25T11:25:00+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBV2xowxaa8ZqXQ2bHj&open=AXBV2xowxaa8ZqXQ2bHj
Project: onap_ccsdk-sli-plugins
Component: onap_ccsdk-sli-plugins:restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 181
Effort: 5min
Creation-Date: 2018-10-25T11:25:00+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBV2xowxaa8ZqXQ2bHk&open=AXBV2xowxaa8ZqXQ2bHk
Project: onap_ccsdk-sli-plugins
Component: onap_ccsdk-sli-plugins:restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 193
Effort: 5min
Creation-Date: 2018-10-25T11:25:00+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBV2xowxaa8ZqXQ2bHl&open=AXBV2xowxaa8ZqXQ2bHl
Project: onap_ccsdk-apps
Component: onap_ccsdk-apps:ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 236
Effort: 5min
Creation-Date: 2018-09-19T02:57:28+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBXTVjBRfKbo15bksmU&open=AXBXTVjBRfKbo15bksmU
Project: onap_ccsdk-apps
Component: onap_ccsdk-apps:ms/vlantag-api/src/main/java/org/onap/ccsdk/apps/ms/vlantagapi/core/ApplicationSecurityConfig.java
Message: Don't use the default "PasswordEncoder" relying on plain-text.
Severity: CRITICAL
Line: 75
Effort: 30min
Creation-Date: 2018-08-22T17:13:47+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AW6lVtynk4KhMkVz6ZVH&open=AW6lVtynk4KhMkVz6ZVH
Project: onap_ccsdk-sli-adaptors
Component: onap_ccsdk-sli-adaptors:base/http/provider/src/main/java/org/onap/ccsdk/sli/adaptors/base/http/AbstractHttpAdapter.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 36
Effort: 5min
Creation-Date: 2019-08-09T18:48:01+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBWDs0-DUADTDHpSXAL&open=AXBWDs0-DUADTDHpSXAL
Project: onap_ccsdk-sli-adaptors
Component: onap_ccsdk-sli-adaptors:mdsal-resource/provider/src/main/java/org/onap/ccsdk/sli/adaptors/resource/mdsal/RestService.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 93
Effort: 5min
Creation-Date: 2019-11-07T16:41:02+0100
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBWDtPLDUADTDHpSXAM&open=AXBWDtPLDUADTDHpSXAM
Project: onap_ccsdk-sli-adaptors
Component: onap_ccsdk-sli-adaptors:message-router/consumer/provider/src/main/java/org/onap/ccsdk/sli/adaptors/messagerouter/consumer/provider/impl/AbstractBaseConsumer.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 172
Effort: 5min
Creation-Date: 2019-06-17T17:31:38+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBWDtflDUADTDHpSXAN&open=AXBWDtflDUADTDHpSXAN
Project: onap_ccsdk-sli-northbound
Component: onap_ccsdk-sli-northbound:dmaap-listener/src/main/java/org/onap/ccsdk/sli/northbound/dmaapclient/SdncOdlConnection.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 112
Effort: 5min
Creation-Date: 2017-08-01T21:10:25+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBVe5qEuzrOmaQIYFOI&open=AXBVe5qEuzrOmaQIYFOI
Project: onap_ccsdk-sli-northbound
Component: onap_ccsdk-sli-northbound:ueb-listener/src/main/java/org/onap/ccsdk/sli/northbound/uebclient/SdncOdlConnection.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 116
Effort: 5min
Creation-Date: 2017-08-01T21:10:25+0200
URL: https://sonarcloud.io/project/issues?id=onap_ccsdk-sli-plugins&issues=AXBVe5i6uzrOmaQIYFOH&open=AXBVe5i6uzrOmaQIYFOH
