Security Advisory Description The BIG-IP Next Central Manager user session refresh token does not expire when a user logs out. (CVE-2024-39809) Impact An attacker with access to obtain a user's session cookies can continue to use that session to access BIG-IP Next Central Manager and systems managed by BIG-IP Next Central Manager after that user has logged out. There is no data plane exposure; this is a control plane issue…Read More