Security Advisory

CVE-2023-52353

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-21 00:00:00
Last updated 2025-05-30 14:23:51
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.