Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-46505

Published: 18/01/2023 Updated: 08/08/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Matrixssl

Vulnerability Summary

An issue in MatrixSSL 4.5.1-open and previous versions leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

matrixssl matrixssl

Github Repositories

https://github.com/SmallTown123/Details-for-CVE-2022-46505

MatrixSSL session resume bug

details-for-CVE-2022-46505 MatrixSSL session resume bug 1 Description of bug An issue in MatrixSSL 451-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data 2 Affected version MatrixSSL 451-open and earlier 3 Vulnerability Type tls resume session decryption 4 Bug details

https://github.com/SmallTown123/details-for-CVE-2022-46505

MatrixSSL session resume bug

details-for-CVE-2022-46505 MatrixSSL session resume bug 1 Description of bug An issue in MatrixSSL 451-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data 2 Affected version MatrixSSL 451-open and earlier 3 Vulnerability Type tls resume session decryption 4 Bug details

References

CWE-665https://github.com/SmallTown123/details-for-CVE-2022-46505https://smalltown123.notion.site/MatrixSSL-session-resume-bug-a0https://nvd.nist.govhttps://github.com/SmallTown123/Details-for-CVE-2022-46505
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook