In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Erlang/otp | Erlang | * | 23.3.4.15 (excluding) |
Erlang/otp | Erlang | 24.0 (including) | 24.3.4.2 (excluding) |
Erlang/otp | Erlang | 25.0 (including) | 25.0.2 (excluding) |