Regarding Security Advisory 23097:
We are currently only using the persistence layer of the OTK, and we are using OTK 4.3.1.
We need to confirm if we are impacted by this advisory in any way.
CA API Gateway 10.1
OTK 4.3.1
In some instances, the configuration of the OAuth Toolkit may allow access to unauthorized tokens when the OAuth Toolkit is configured to use opaque UUID tokens and it is deployed in a single gateway mode (i.e. DMZ and internal components deployed to the same gateway instance). There are no known exploits of this condition, however it is highly recommended that customers using the product versions listed above apply the latest patches for the products which are now available on the solutions and patches pages:
- The vulnerability was discovered internally and there are no known exploits of this condition currently.
- The issue was introduced in OTK 4.5; OTK 4.3.1 is not affected.
- No manual remediation or patch is needed for this specific Security Advisory, because it does not apply to OTK 4.3.1.