CVE-2023-42283
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-42283 is a newly discovered vulnerability affecting Tyk Gateway version 5.0.3. This issue involves a blind SQL injection vulnerability in the api_id parameter. Malicious actors can exploit this vulnerability to gain unauthorized access to the database and extract sensitive information through carefully crafted SQL queries without the need for any visible response from the application. This poses a significant risk to organizations using the affected Tyk Gateway version, as it allows attackers to bypass authentication and access critical data. To mitigate this risk, it is recommended that users upgrade to the latest version of Tyk Gateway as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.