From 8f825f293c06e12e6d65ba0e2cb84a1d957a2d0e Mon Sep 17 00:00:00 2001 From: Ryan Armstrong Date: Tue, 10 Dec 2024 12:22:54 -0500 Subject: [PATCH] Move 3.2.1 -> 3.1.5 to resolve 2449 --- 5.0/en/0x12-V3-Session-management.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/5.0/en/0x12-V3-Session-management.md b/5.0/en/0x12-V3-Session-management.md index dd44b84008..4c60f9a27b 100644 --- a/5.0/en/0x12-V3-Session-management.md +++ b/5.0/en/0x12-V3-Session-management.md @@ -37,6 +37,7 @@ Some of the requirements in this section relate to section [7.1](https://pages.n | **3.1.2** | [ADDED] Verify that the application performs all session token verification using a trusted, back-end service. | ✓ | ✓ | ✓ | 603 | | **3.1.3** | [MODIFIED, MOVED FROM 3.5.2, LEVEL L2 > L1] Verify that the application uses either self-contained or reference tokens for session management. Static API secrets and keys should be avoided. | ✓ | ✓ | ✓ | 798 | | **3.1.4** | [MODIFIED, MOVED FROM 3.2.2, MERGED FROM 3.2.4] Verify that if reference tokens are used to represent user sessions, they are unique and generated using a cryptographically secure pseudo-random number generator (CSPRNG) and possess at least 128 bits of entropy. | ✓ | ✓ | ✓ | | +| **3.1.5** | [MODIFIED, MOVED FROM 3.2.1] Verify the application generates a new session token on user authentication, including re-authentication, and terminates the current session token. | ✓ | ✓ | ✓ | | ## V3.2 Session Binding 
@@ -44,7 +45,7 @@ Some of the requirements in this section relate to section [7.1](https://pages.n | # | Description | L1 | L2 | L3 | CWE | | :---: | :--- | :---: | :---: | :---: | :---: | -| **3.2.1** | [MODIFIED] Verify the application generates a new session token on user authentication, including re-authentication, and terminates the current session token. | ✓ | ✓ | ✓ | 384 | +| **3.2.1** | [MODIFIED, MOVED TO 3.1.5] | | | | | | **3.2.2** | [MOVED TO 3.1.4] | | | | | | **3.2.3** | [DELETED, MERGED TO 8.2.2] | | | | | | **3.2.4** | [DELETED, MERGED TO 3.1.4] | | | | |
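
Review bot: The added 3.1.5 row in the V3.1 table (first hunk, @@ -37,6 +37,7 @@) leaves the CWE column empty, but the 3.2.1 row it replaces carried CWE 384. The move should not drop the mapping, so put 384 in the last cell of the new row. As a minor style point, the row reads "Verify the application generates" while the neighbouring 3.1.2 to 3.1.4 rows use "Verify that ..."; aligning the wording while the row is being touched would keep the table consistent.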
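
Review bot: The 3.2.1 placeholder in the V3.2 table (second hunk, @@ -44,7 +45,7 @@) is tagged "[MODIFIED, MOVED TO 3.1.5]", while the adjacent placeholder for 3.2.2 is just "[MOVED TO 3.1.4]" and the MODIFIED tag sits on the destination row. Since the 3.1.5 row already carries "[MODIFIED, MOVED FROM 3.2.1]", consider "[MOVED TO 3.1.5]" here so the source-side placeholders follow one convention.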