Last Modified: Nov 25, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5
Fixed In:
17.1.1, 16.1.4
Opened: Sep 02, 2022 Severity: 3-Major
When JWT is cached, then the error "JWT Expired and cannot be used" is observed.
No impact.
WebSSO is used with bearer option to generate JWT tokens.
None
Removed the lee way default configured static value internally. Proper fix would be to provide a leeway configuration option.