An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum. CREATE(Triage):(User=admin) CVE-2023-52353 (https://nvd.nist.gov/vuln/detail/CVE-2023-52353)