Impact
A logical error in the TLS (SSL) implementation allows client certificates to be accepted without checking that the client certificate actually belongs to the client. This should be checked by verifying the signature sent by the client in certificate verify message, but
due to the error this step could be skipped.
Impacted are those who are running an SSL/TLS/DTLS server using the ssl application either directly or indirectly via other applications. For example via inets (httpd), cowboy, etc. Note that the vulnerability only affects servers that request client certification, that is sets the option {verify, verify_peer}.
Affected/Unaffected Versions
A version larger than or equal to one of the listed patched versions is unaffected; otherwise, a version that satisfies an expression listed under affected versions is affected, and if it does not, it is unaffected.
The documentation of the new OTP version scheme describes how versions should be compared. Note that versions used prior to OTP 17.0, when the new OTP version scheme was introduced, are never listed since it is not well defined how to compare those versions.
In the case of this vulnerability, versions prior to OTP 17.0 are likely also affected.
Impact
A logical error in the TLS (SSL) implementation allows client certificates to be accepted without checking that the client certificate actually belongs to the client. This should be checked by verifying the signature sent by the client in certificate verify message, but
due to the error this step could be skipped.
Impacted are those who are running an SSL/TLS/DTLS server using the ssl application either directly or indirectly via other applications. For example via inets (httpd), cowboy, etc. Note that the vulnerability only affects servers that request client certification, that is sets the option {verify, verify_peer}.
Affected/Unaffected Versions
A version larger than or equal to one of the listed patched versions is unaffected; otherwise, a version that satisfies an expression listed under affected versions is affected, and if it does not, it is unaffected.
The documentation of the new OTP version scheme describes how versions should be compared. Note that versions used prior to OTP 17.0, when the new OTP version scheme was introduced, are never listed since it is not well defined how to compare those versions.
In the case of this vulnerability, versions prior to OTP 17.0 are likely also affected.