JWT token generated by DX UIM Admin console web application contains sensitive information

search cancel

JWT token generated by DX UIM Admin console web application contains sensitive information

book

Article ID: 282488

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM) CA Unified Infrastructure Management On-Premise (Nimsoft / UIM) CA Unified Infrastructure Management SaaS (Nimsoft / UIM)

Issue/Introduction

The JWT token generated by the DXIM Admin console web application contains sensitive information. The payload of the JWT contains the key '<password>' with an encoded value of a password. We now need to make changes on UIM end to ensure sensitive information is not stored within JWT tokens.

Environment

DX UIM 20.4 CU9

Resolution

The issue is Resolved in DX UIM 23.4CU2

UIM Server 23.4 - Cumulative Update 2
Operator Console 23.4 - Cumulative Update 2

Feedback

thumb_up Yes

thumb_down No