Useradm · Useradm · CVE-2021-35342
Name of the Vulnerable Software and Affected Versions:
useradm service versions 1.13.0 through 1.14.0
Description:
When the JWT verification cache is enabled, a user's JWT is not invalidated on logout, so the token can still be used to access the system after the user has logged out.
Recommendations:
For useradm service version 1.13.0, update to version 1.13.1 or later.
For useradm service version 1.14.0, update to version 1.14.1 or later.
As a temporary workaround, consider disabling the JWT verification cache until a patch is available.
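
The failure mode in the description, shown as an added example: a generic model of a verification cache, not useradm's own code. All type and function names and the token value are hypothetical. A verifier that caches positive results keeps accepting a token after logout unless logout also evicts the cache entry.

```go
package main

import "fmt"

// Verifier models a token check backed by a store (the source of truth)
// with a cache of positive verification results in front of it.
// Hypothetical illustration; not the useradm implementation.
type Verifier struct {
	store         map[string]bool // tokens that are currently valid
	cache         map[string]bool // tokens that verified successfully before
	evictOnLogout bool            // false = behaviour described in the advisory
}

func NewVerifier(evictOnLogout bool) *Verifier {
	return &Verifier{map[string]bool{}, map[string]bool{}, evictOnLogout}
}

func (v *Verifier) Issue(tok string) { v.store[tok] = true }

// Verify accepts a token on a cache hit without consulting the store.
func (v *Verifier) Verify(tok string) bool {
	if v.cache[tok] {
		return true
	}
	if v.store[tok] {
		v.cache[tok] = true
		return true
	}
	return false
}

// Logout removes the token from the store; the hardened variant also
// evicts the cached verification result.
func (v *Verifier) Logout(tok string) {
	delete(v.store, tok)
	if v.evictOnLogout {
		delete(v.cache, tok)
	}
}

// AcceptedAfterLogout reports whether a token still verifies after logout.
func AcceptedAfterLogout(evictOnLogout bool) bool {
	v := NewVerifier(evictOnLogout)
	v.Issue("constructed-token")
	v.Verify("constructed-token") // first use warms the cache
	v.Logout("constructed-token")
	return v.Verify("constructed-token")
}

func main() {
	fmt.Println("without eviction:", AcceptedAfterLogout(false))
	fmt.Println("with eviction:   ", AcceptedAfterLogout(true))
}
```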