← Retour aux CVEs
CVE-2026-0519
LOW3.4
Description
In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. Any party with access to those logs could read the token and reuse it to access an integrated system.
Details CVE
Score CVSS v3.13.4
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisHIGH
Interaction utilisateurNONE
Publie1/17/2026
Derniere modification2/2/2026
Sourcenvd
Observations honeypot0
Produits affectes
absolute:secure_access
Faiblesses (CWE)
CWE-532
References
https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-0519(SecurityResponse@netmotionsoftware.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.