2 matches found
CVE-2019-12421
When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server side. This permits the user's client-side token to be used for up to 12 hours after logging out t...
CVE-2019-12421
CVE-2019-12421 affects Apache NiFi; in NiFi versions 1.0.0–1.9.2, when using an authentication mechanism other than PKI, logging out invalidates the client-side token but not the server-side token. This allows the user’s client-side token to be used for up to 12 hours after logout to make API req...