CVE-2026-0519 | THREATINT

Description

In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. Any party with access to those logs could read the token and reuse it to access an integrated system.

PUBLISHED Reserved 2025-12-12 | Published 2026-01-17 | Updated 2026-01-20 | Assigner Absolute

MEDIUM: 4.6CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Product status

Default status

unaffected

12.70 (Server) before 14.20

affected

References

www.absolute.com/...tion/vulnerability-archive/cve-2026-0519

cve.org (CVE-2026-0519)

nvd.nist.gov (CVE-2026-0519)

Download JSON