Add 1.10 upgrade note for SSCT on Consul. (#15873)

Nick Cabatoff 2022-06-13 11:48:53 -04:00 committed by GitHub
parent c1e2d9c062
commit 9ffa7ae257
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

@ -39,7 +39,7 @@ the OTP generation to include an additional 2 characters before upgrading so tha
OTP can be xor-ed with the encoded root token. This change was implemented as a result
of the change in the prefix from hvs. to s. for service tokens.
## New error response for login requests to perf standbys lagging behind active node
## New error response for requests to perf standbys lagging behind active node
The introduction of [Server Side Consistent Tokens](/docs/faq/ssct) means that
when issuing a request to a perf standby right after having obtained a token (e.g.
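Review bot: Renaming the heading from "New error response for login requests to perf standbys lagging behind active node" to "New error response for requests to perf standbys lagging behind active node" changes the anchor generated for this section, so existing links to the old anchor will stop resolving. Check the docs for references to the old slug and update them in the same commit. The paragraph under the heading still describes only a request made right after obtaining a token, so it is also worth confirming that the broader heading matches what the body covers.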
@ -89,6 +89,14 @@ to understand how the built-in resources are used in the system.
@include 'raft-panic-old-tls-key.mdx'
## Errors returned by perf standbys lagging behind active node with Consul storage
The introduction of [Server Side Consistent Tokens](/docs/faq/ssct) means that
when issuing a request to a perf standby right after having obtained a token (e.g.
via login), if the token and its lease haven't yet been replicated to the perf
standby, an HTTP 412 error will be returned. Before 1.10.0 this wouldn't have
resulted in the client seeing errors with Consul storage.
### Single Vault follower restart causes election even with established quorum
We now support Server Side Consistent Tokens (See [Replication](/docs/configuration/replication) and [Vault Eventual Consistency](/docs/enterprise/consistency)), which introduces a new token format that can only be used on nodes of 1.10 or higher version. This new format is enabled by default upon upgrading to the new version. Old format tokens can be read by Vault 1.10, but the new format Vault 1.10 tokens cannot be read by older Vault versions.
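Review bot: The added section "Errors returned by perf standbys lagging behind active node with Consul storage" says an HTTP 412 error will be returned but gives no guidance on what a client or operator should do when it appears; add a sentence on the expected handling, or link to the Vault Eventual Consistency page that the following section already references. The closing sentence "Before 1.10.0 this wouldn't have resulted in the client seeing errors with Consul storage" leaves "this" ambiguous; something like "Before 1.10.0, clients of clusters using Consul storage would not have seen an error in this situation" reads more clearly. The opening sentence also repeats the start of the "New error response for requests to perf standbys" section word for word, so a shared partial pulled in with @include, as is done for 'raft-panic-old-tls-key.mdx' just above, would keep the two copies from drifting.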