Open redirect

2023-01-1816:15:00

PRIOn knowledge base

www.prio-n.com

matrixssl security issue

sessionid

mastersecret misuse

data decryption

0.002 Low

EPSS

Percentile

57.8%

JSON

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.

CPENameOperatorVersion
matrixsslle4.5.1

CPE	Name	Operator	Version
	matrixssl	le	4.5.1

References

github.com/SmallTown123/details-for-CVE-2022-46505

smalltown123.notion.site/MatrixSSL-session-resume-bug-a0

0.002 Low

EPSS

Percentile

57.8%

JSON

Related for PRION:CVE-2022-46505