Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-52353
HistoryJan 21, 2024 - 11:15 p.m.

Code injection

2024-01-2123:15:00
PRIOn knowledge base
www.prio-n.com
5
mbedtls
ssl session
code injection

7.1 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.9%

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.

CPENameOperatorVersion
mbed_tlslt3.5.2

7.1 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.9%