diff --git a/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json b/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
index be6e4fc8071..c476443ca81 100644
--- a/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
+++ b/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json
@@ -2,7 +2,7 @@
   {
     "name": "endpoints.configprops.keys-to-sanitize",
     "type": "java.lang.String[]",
-    "sourceType": "org.springframework.boot.actuate.endpoint.ConfigurationPropertiesReportEndpoint",
+    "sourceType": "org.springframework.boot.actuate.context.properties.ConfigurationPropertiesReportEndpoint",
     "description": "Keys that should be sanitized. Keys can be simple strings that the property ends with or regex expressions.",
     "defaultValue": [
       "password",
@@ -34,7 +34,7 @@
   {
     "name": "endpoints.env.keys-to-sanitize",
     "type": "java.lang.String[]",
-    "sourceType": "org.springframework.boot.actuate.endpoint.EnvironmentEndpoint",
+    "sourceType": "org.springframework.boot.actuate.env.EnvironmentEndpoint",
     "description": "Keys that should be sanitized. Keys can be simple strings that the property ends with or regex expressions.",
     "defaultValue": [
       "password",
@@ -217,10 +217,6 @@
     "description": "Enable the metrics servlet filter.",
     "defaultValue": true
   },
-  {
-    "name": "management.security.sessions",
-    "defaultValue": "stateless"
-  },
   {
     "name": "management.trace.filter.enabled",
     "type": "java.lang.Boolean",
@@ -943,7 +939,6 @@
     "description" : "Comma-separated list of required roles to login to the CRaSH console.",
     "defaultValue" : [ "ACTUATOR" ],
     "deprecation" : {
-      "replacement" : "management.security.roles",
       "reason" : "CRaSH support is no longer available.",
       "level" : "error"
     }
diff --git a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
index e23b80f4e7f..67e169a361b 100644
--- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
+++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
@@ -1191,7 +1191,6 @@ content into your application; rather pick only the properties that you need.
 	management.address= # Network address that the management endpoints should bind to.
 	management.context-path= # Management endpoint context-path. For instance `/actuator`
 	management.port= # Management endpoint HTTP port. Uses the same port as the application by default. Configure a different port to use management-specific SSL.
-	management.security.sessions=stateless # Session creating policy to use (always, never, if_required, stateless).
 	management.ssl.ciphers= # Supported SSL ciphers. Requires a custom management.port.
 	management.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. Requires a custom management.port.
 	management.ssl.enabled= # Enable SSL support. Requires a custom management.port.