Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user's device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the issue.
History

Wed, 18 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-10-09T15:15:07.450Z

Updated: 2024-09-18T20:18:45.881Z

Reserved: 2023-09-28T17:56:32.615Z

Link: CVE-2023-44400

cve-icon Vulnrichment

Updated: 2024-08-02T20:07:33.443Z

cve-icon NVD

Status : Modified

Published: 2023-10-09T16:15:10.567

Modified: 2024-11-21T08:25:49.577

Link: CVE-2023-44400

cve-icon Redhat

No data.