Maximo Application Suite Security Bulletins

IBM has released Maximo Application Suite Security Bulletins this week.  The links to the bulletins are below.  The bulletins contain information regarding when, where, and/or how to address the vulnerability. 

Security bulletin: Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server is vulnerable to CVE-2024-25026 used in IBM Maximo Application Suite - Monitor Component  –  

https://www.ibm.com/support/pages/node/7168810?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: IBM Truststore Manager uses Jinja2-3.1.3-py3-none-any.whl which is vulnerable to CVE-2024-34064 –  

https://www.ibm.com/support/pages/node/7168957?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: IBM Maximo Application Suite uses tinymce-6.8.3.tgz which is vulnerable to CVE-2024-38357, CVE-2024-38356 –  

https://www.ibm.com/support/pages/node/7168956?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin:IBM Asset Data Dictionary Component uses aircompressor-0.21.jar which is vulnerable to CVE-2024-36114 –  

https://www.ibm.com/support/pages/node/7168959?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: IBM Maximo Application Suite uses certifi-2024.6.2-py3-none-any.whl which is vulnerable to CVE-2024-39689 –  

https://www.ibm.com/support/pages/node/7168958?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E