Omada Controller for Windows / CVE-2023-44487
Hi there,
we are running the current Omada Controller for Windows on a Windows Server 2019 which is under protection of Microsoft Defender for servers. Microsoft reports several vulnerabilities that are caused by an outdated tomcat core version used by the current version of the omada controller. Especially the one mentioned above (CVE-2023-44487) hab publicly available exploits available.
When will there be an update to remediate this security vulnerability?
More details of the Defender findings:
Vulnerabilities caused by:
<Omada Controller Installation folder>\lib\tomcat-embed-core-9.0.76.jar
Vulnerabilites found:
CVE-2023-41080
CVE-2023-44487
CVE-2023-45648
CVE-2023-42794
CVE-2023-42795
CVE-2023-46589
CVE-2024-23672
CVE-2024-24549
Regards,
Mister-D