CVE-2026-0518 is a cross-site scripting vulnerability in versions of
Secure Access prior to 14.20. An attacker with administrative privileges
can interfere with another administrator’s use of the console.

In Secure Access 12.70 and prior to 14.20, the logging
subsystem may write an unredacted authentication token to logs under
certain configurations. Any party with access to those logs could read
the token and reuse it to access an integrated system.

CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure
Access Server prior to 14.20. An attacker can send a specially crafted packet
to a server and cause the server to crash.