Vulnerability CVE-2023-52353
Published: 2024-01-21   Modified: 2024-01-22

Description:
An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.

 References:
https://github.com/Mbed-TLS/mbedtls/issues/8654
Copyright 2026, cxsecurity.com

 

Back to Top