-
Bug
-
Resolution: Won't Do
-
High
-
Honolulu Release
Sonarcloud identified the following security bugs in your project and, as agreed by the TSC, should be fixed within the Honolulu release. Any not finished in Honolulu must be fixed within the Istanbul release. Follow each of the URLs for details on each each bug, along with recommended fixes.
If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=weak-cryptography>.
Project: onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2
Component: onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2:driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/GenericSecurityProvider.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 49
Effort: 5min
Creation-Date: 2018-03-25T21:32:03+0200
URL: https://sonarcloud.io/project/issues?id=onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2&issues=AXBXzvsUwbQRJ3RYR6vT&open=AXBXzvsUwbQRJ3RYR6vT
Project: onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2
Component: onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2:driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/GenericSecurityProvider.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 97
Effort: 5min
Creation-Date: 2018-03-25T21:32:03+0200
URL: https://sonarcloud.io/project/issues?id=onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2&issues=AXBXzvsUwbQRJ3RYR6vU&open=AXBXzvsUwbQRJ3RYR6vU
Project: onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2
Component: onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2:driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/GenericSecurityProvider.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 102
Effort: 5min
Creation-Date: 2018-03-25T21:32:03+0200
URL: https://sonarcloud.io/project/issues?id=onap_vfc-nfvo-driver-vnfm-svnfm-nokiav2&issues=AXBXzvsUwbQRJ3RYR6vV&open=AXBXzvsUwbQRJ3RYR6vV
- clones
-
VNFSDK-755 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
- is cloned by
-
POLICY-3201 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
-
PORTAL-1064 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
-
VFC-1827 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
-
VID-971 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
- relates to
-
REQ-443 CONTINUATION OF BEST PRACTICES BADGING SCORE IMPROVEMENTS FOR SILVER LEVEL
- In Progress