Lucene search
PRIOn knowledge basePRION:CVE-2023-44400HistoryOct 09, 2023 - 4:15 p.m.
Session fixation
2023-10-0916:15:00
PRIOn knowledge base
www.prio-n.com
uptime kuma
monitoring tool
session fixation
vulnerability
patch
version 1.23.3
account access
password changes
session tokens
Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user’s device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| uptime_kuma | lt | 1.23.3 |
Related
cvelist
cvelist
CVE-2023-44400 Uptime Kuma has Persistentent User Sessions
2023-10-09 15:15:07
CVE-2023-49804 Uptime Kuma Password Change Vulnerability
2023-12-11 22:32:32
cve
cve
CVE-2023-44400
2023-10-09 16:15:10
CVE-2023-49804
2023-12-11 23:15:07
nvd
nvd
CVE-2023-44400
2023-10-09 16:15:10
CVE-2023-49804
2023-12-11 23:15:07
github
github
Uptime Kuma has Persistentent User Sessions
2023-10-10 21:29:23
veracode
veracode
Session Fixation
2023-10-11 07:39:03
Session Fixation
2023-12-12 06:03:15
osv
osv
CVE-2023-49804
2023-12-11 23:15:07
CVE-2023-44400
2023-10-09 16:15:10
Password Change Vulnerability
2023-12-12 00:59:30
prion
prion
Input validation
2023-12-11 23:15:00