<div style="display:inline;"> <img height="1" width="1" style="border-style:none;" alt="" src="//googleads.g.doubleclick.net/pagead/viewthroughconversion/1066880148/?value=0&amp;label=4oTQCMyJzwQQlJnd_AM&amp;guid=ON&amp;script=0">
Darlene Nerden

By: Darlene Nerden on August 16th, 2024

Print/Save as PDF

Maximo Application Suite Security Bulletins

IBM has released Maximo Application Suite Security Bulletins this week.  The links to the bulletins are below.  The bulletins contain information regarding when, where, and/or how to address the vulnerability.

Security bulletin: Security Bulletin: There is a vulnerability in commons-compress-1.21.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-25710, CVE-2024-26308) –  

https://www.ibm.com/support/pages/node/7164810?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E

Security bulletin: Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-51775 a denial of service due to jose4j –  

https://www.ibm.com/support/pages/node/7164812?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E

Security bulletin: Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to multiple CVEs used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7164811?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E

Security bulletin: Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to CVE-2024-22354 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7164813?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E

Security bulletin: Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to CVE-2024-27268 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7164814?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E

Security bulletin: Security Bulletin: IBM Maximo Application Suite uses IBM WebSphere Application Server Liberty 24.0.0.4 which is vulnerable to CVE-2023-50312 and CVE-2024-25026 –  

https://www.ibm.com/support/pages/node/7165262?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: IBM Maximo Application Suite uses Flask_Cors-4.0.0-py2.py3-none-any.whl which is vulnerable to CVE-2024-1681 –  

https://www.ibm.com/support/pages/node/7165260?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E

Security bulletin: Security Bulletin: IBM Maximo Application Suite - IoT Component uses bcprov-jdk15on-1.70.jar which is vulnerable to CVE-2024-30172 –  

https://www.ibm.com/support/pages/node/7165261?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Maximo Asset Management Security Bulletins 

IBM has released Maximo Asset Management Security Bulletins this week.  The links to the bulletins are below.  The bulletins contain information regarding when, where, and/or how to address the vulnerability.

Security bulletin: Security Bulletin: There is a vulnerability in commons-compress-1.21.jar used by IBM Maximo Asset Management application (CVE-2024-25710, CVE-2024-26308) –  

https://www.ibm.com/support/pages/node/7164809?myns=swgother&mynp=OCSSLKT6&mync=E&cm_sp=swgother-_-OCSSLKT6-_-E 

About Darlene Nerden

Darlene Nerden is a Maximo Operations and Support Engineer. She has worked with Maximo for over 30 years primarily on the infrastructure and systems side including installs, upgrades, performance tuning, etc. She has worked on a number of teams in the product lifecycle including QA, support, services, operations, etc. Darlene has been a key part of successful implementations and upgrades. She has also been an integral part in end-user acceptance of Maximo with key performance tuning and maintenance strategizes.