Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user's device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the issue.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-10-09T15:15:07.450Z
Updated: 2024-09-18T20:18:45.881Z
Reserved: 2023-09-28T17:56:32.615Z
Link: CVE-2023-44400
Vulnrichment
Updated: 2024-08-02T20:07:33.443Z
NVD
Status : Modified
Published: 2023-10-09T16:15:10.567
Modified: 2024-11-21T08:25:49.577
Link: CVE-2023-44400
Redhat
No data.