AWS patches bug that left its WAF customers exposed to SQL injection

by | Oct 21, 2021

SC Media LogoResearchers reported this week that they found a bug in MySQL that left AWS Web Application Firewall (WAF) customers exposed to an SQL injection.

In a blog post, GoSecure’s ethical hackers also confirmed that upon further testing, ModSecurity, a popular WAF for Apache and nginx, were also exposed to an SQL injection.

The researchers said the bug, which they trace back to a Black Hat presentation in 2013, was fixed by AWS on Oct. 1, with public disclosure coming on Wednesday.

View Article Here

    Media Contact

      info@gosecure.net
Titan Managed Detection & Response
Next-Generation Antivirus
Endpoint Detection & Response
Network Detection & Response
Inbox Detection & Response
Insider Threat Detection & Response
Managed Firewall
Managed SIEM
Vulnerability Management as a Service
GoSecure Titan
Titan Software
Secure Email Gateway
Web Security
ResponderPRO Forensics Toolkit
Advisory Services
Breach Readiness Services
Custom Cybersecurity Consulting Services
Cybersecurity Assessment
Incident Response Services
Red & Purple Team Services
Penetration Testing Services
Privacy & Compliance Services
Security Compromise Assessment
3rd Party Technology

Pin It on Pinterest