• Home
• org.sonarsource.java
• sonar-java-plugin
• 8.12.0.38599
• source code
• S6288.json

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.sonar.l10n.java.rules.java.S6288.json Maven / Gradle / Ivy

{
  "title": "Authorizing non-authenticated users to use keys in the Android KeyStore is security-sensitive",
  "type": "SECURITY_HOTSPOT",
  "code": {
    "impacts": {
      "SECURITY": "MEDIUM"
    },
    "attribute": "CONVENTIONAL"
  },
  "status": "ready",
  "remediation": {
    "func": "Constant\/Issue",
    "constantCost": "5min"
  },
  "tags": [
    "cwe",
    "android"
  ],
  "defaultSeverity": "Major",
  "ruleSpecification": "RSPEC-6288",
  "sqKey": "S6288",
  "scope": "Main",
  "securityStandards": {
    "CWE": [
      522
    ],
    "OWASP Mobile": [
      "M4"
    ],
    "OWASP Mobile Top 10 2024": [
      "M3",
      "M10"
    ],
    "MASVS": [
      "MSTG-AUTH-1"
    ],
    "OWASP Top 10 2021": [
      "A4"
    ],
    "PCI DSS 3.2": [
      "6.5.8"
    ],
    "PCI DSS 4.0": [
      "6.2.4"
    ],
    "ASVS 4.0": [
      "2.10.3"
    ]
  },
  "quickfix": "unknown"
}