I recently got SonarQube running on our legacy codebase and it raised a vulnerability for our use of libcurl “Use stronger SSL and TLS versions”. The fix was a single line:
// Compliant; enables TLSv1.2 / TLSv1.3 version only
curl_easy_setopt(m_handler, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
That’s great, but completely separately we also noticed that a developer had left in a line which set the AWS SDK client to HTTP (it uses HTTPS by default):
// Non-compliant; downgrades the S3 client to plaintext HTTP (the SDK default is HTTPS)
Aws::Client::ClientConfiguration clientConfig;
clientConfig.scheme = Aws::Http::Scheme::HTTP;
_pS3Client = new Aws::S3::S3Client(Aws::Auth::AWSCredentials(Aws::String(s3_access_key.c_str()),
                                                             Aws::String(s3_secret_access_key.c_str())), clientConfig);
It would be great if SonarQube would raise a similar vulnerability for this code. Also, the AWS SDK is available for multiple languages so I imagine the same problem can exist in all of them.
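Until a scanner rule exists, the two patterns from this post can be caught with a small source check. This is an added example, not the poster's code or a SonarQube rule: it flags a `ClientConfiguration.scheme` set to `Aws::Http::Scheme::HTTP` and any `CURLOPT_SSLVERSION` below TLS 1.2, and the sample C++ it scans is constructed here.

```python
import re

# libcurl CURLOPT_SSLVERSION values that allow TLS 1.1 or older as the minimum.
WEAK_CURL_VERSIONS = {
    "CURL_SSLVERSION_DEFAULT", "CURL_SSLVERSION_TLSv1",
    "CURL_SSLVERSION_SSLv2", "CURL_SSLVERSION_SSLv3",
    "CURL_SSLVERSION_TLSv1_0", "CURL_SSLVERSION_TLSv1_1",
}

# `\b` after HTTP rejects Aws::Http::Scheme::HTTPS, which is the safe default.
SCHEME_HTTP_RE = re.compile(r"\.scheme\s*=\s*Aws::Http::Scheme::HTTP\b")
CURL_SSLVERSION_RE = re.compile(
    r"curl_easy_setopt\s*\([^,]+,\s*CURLOPT_SSLVERSION\s*,\s*(\w+)")


def scan(source: str) -> list[tuple[int, str]]:
    """Return (line number, message) for each insecure transport setting."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        if SCHEME_HTTP_RE.search(line):
            findings.append((lineno, "AWS SDK client configured for plaintext "
                             "HTTP; remove the assignment or use Scheme::HTTPS"))
        m = CURL_SSLVERSION_RE.search(line)
        if m and m.group(1) in WEAK_CURL_VERSIONS:
            findings.append((lineno, f"libcurl minimum TLS version {m.group(1)} "
                             "is too low; use CURL_SSLVERSION_TLSv1_2 or higher"))
    return findings


# Constructed sample: one compliant and one weak curl call, one HTTP and one
# HTTPS AWS client configuration.
SAMPLE_SOURCE = """\
curl_easy_setopt(h_ok, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
curl_easy_setopt(h_old, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
Aws::Client::ClientConfiguration clientConfig;
clientConfig.scheme = Aws::Http::Scheme::HTTP;
Aws::Client::ClientConfiguration secureConfig;
secureConfig.scheme = Aws::Http::Scheme::HTTPS;
"""

if __name__ == "__main__":
    for lineno, message in scan(SAMPLE_SOURCE):
        print(f"line {lineno}: {message}")
```

Run against the sample it reports lines 2 and 4 only; the TLS 1.2 call and the HTTPS configuration pass.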