In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.
CPE | Name | Operator | Version |
---|---|---|---|
erlang\\/otp | lt | 23.3.4.15 | |
erlang\\/otp | ge | 24.0 | |
erlang\\/otp | lt | 24.3.4.2 | |
erlang\\/otp | ge | 25.0 | |
erlang\\/otp | lt | 25.0.2 |