-
Story
-
Resolution: Done
-
High
-
None
The web page
https://sonarcloud.io/organizations/onap/issues?open=AXBW0hh9uzrOmaQIlnTx&resolved=false&sonarsourceSecurity=weak-cryptography
shows several security issues. Search for
src/main/java/org/onap/dcae/common/RestapiCallNode.java
src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=weak-cryptography>.
Taken from DCAEGEN2-2656:
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/common/RestapiCallNode.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 328
Effort: 5min
Creation-Date: 2018-10-03T08:38:26+0200
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hh9uzrOmaQIlnTx&open=AXBW0hh9uzrOmaQIlnTx_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/common/RestapiCallNode.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 340
Effort: 5min
Creation-Date: 2019-04-26T13:50:44+0200
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hh9uzrOmaQIlnTy&open=AXBW0hh9uzrOmaQIlnTy_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/common/RestapiCallNode.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 342
Effort: 5min
Creation-Date: 2019-04-26T13:50:44+0200
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hh9uzrOmaQIlnTz&open=AXBW0hh9uzrOmaQIlnTz_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/common/RestapiCallNode.java
Message: Change this code to use a stronger protocol.
Severity: MAJOR
Line: 348
Effort: 2min
Creation-Date: 2019-04-26T13:50:44+0200
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AW6lUCkHk4KhMkVz6Qd8&open=AW6lUCkHk4KhMkVz6Qd8_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/common/RestapiCallNode.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 355
Effort: 5min
Creation-Date: 2019-04-26T13:50:44+0200
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hh9uzrOmaQIlnT0&open=AXBW0hh9uzrOmaQIlnT0_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/common/RestapiCallNode.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 451
Effort: 5min
Creation-Date: 2018-10-03T08:38:26+0200
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hh9uzrOmaQIlnT1&open=AXBW0hh9uzrOmaQIlnT1_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 303
Effort: 5min
Creation-Date: 2019-03-18T10:55:23+0100
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hbDuzrOmaQIlnTu&open=AXBW0hbDuzrOmaQIlnTu_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 307
Effort: 5min
Creation-Date: 2019-03-18T10:55:23+0100
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hbDuzrOmaQIlnTv&open=AXBW0hbDuzrOmaQIlnTv_
Project: onap_dcaegen2-collectors-restconf
Component: onap_dcaegen2-collectors-restconf:src/main/java/org/onap/dcae/controller/PersistentEventConnection.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 319
Effort: 5min
Creation-Date: 2019-03-18T10:55:23+0100
_URL: https://sonarcloud.io/project/issues?id=onap_dcaegen2-collectors-restconf&issues=AXBW0hbDuzrOmaQIlnTw&open=AXBW0hbDuzrOmaQIlnTw_
- relates to
-
REQ-443 CONTINUATION OF BEST PRACTICES BADGING SCORE IMPROVEMENTS FOR SILVER LEVEL
- In Progress
-
DCAEGEN2-2656 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
- mentioned in
-
Page Loading...