coova / jradius

JRadius is a Java RADIUS framework for client and server.

[1.1.5] Use of Cryptographically Weak Pseudo-Random Number Generator #32

Open ponyataeva opened 6 years ago

ponyataeva commented 6 years ago

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG is not cryptographically strong.

How to fix:

If this random number is used where security is a concern, such as generating a session identifier or cryptographic key, use a trusted cryptographic random number generator instead.

Instances:

net.jradius.tls.TlsProtocolHandler.java 155