---

ASA-202105-2 - log back

ASA-202105-2 edited at 20 May 2021 18:03:01

ASA-202105-2 edited at 20 May 2021 18:02:22
Workaround	- If you aren't using authentication tokens, you can set SECURITY_TOKEN_MAX_AGE to "0" (seconds) which should make the token unusable. + If you aren't using authentication tokens, you can set + SECURITY_TOKEN_MAX_AGE to "0" (seconds) which should make the token + unusable.

ASA-202105-2 edited at 19 May 2021 10:47:57
Workaround	+ If you aren't using authentication tokens, you can set SECURITY_TOKEN_MAX_AGE to "0" (seconds) which should make the token unusable.
Impact	+ A remote attacker could obtain a user's authentication token from a cross-site request.

ASA-202105-2 created at 19 May 2021 10:45:47