Interloc Solutions Blog

Maximo Application Suite Security Bulletins

Written by Darlene Nerden | Jun 10, 2024 4:31:18 PM

IBM has released Maximo Application Suite Security Bulletins this week.  The links to the bulletins are below.  The bulletins contain information regarding when, where, and/or how to address the vulnerability.

Security bulletin: Security Bulletin: IBM Asset Data Dictionary Component uses urllib3 which is vulnerable to CVE-2023-43804 –  

https://www.ibm.com/support/pages/node/7152268?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: IBM Maximo Application Suite uses cryptography-41.0.2-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-50782 –  

https://www.ibm.com/support/pages/node/7155116?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: Security Bulletin: IBM Truststore Manager uses cryptography-41.0.4-cp37-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2023-50782 –  

https://www.ibm.com/support/pages/node/7155130?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: Gunicorn-20.1.0-py3-none-any.whl is vulnerable to CVE-2024-1135 used in IBM Maximo Application Suite - Edge Data Collector –  

https://www.ibm.com/support/pages/node/7156272?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: openssl-src-300.2.1+3.2.0.crate is vulnerable to CVE-2024-0727, CVE-2023-6129, and CVE-2023-6237 used in IBM Maximo Application Suite - Edge Data Collector –  

https://www.ibm.com/support/pages/node/7156271?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Security bulletin: Security Bulletin: mio-0.8.10.crate, and mio-0.8.8.crate is vulnerable to CVE-2024-27308 used in IBM Maximo Application Suite - Edge Data Collector –  

https://www.ibm.com/support/pages/node/7156273?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

Maximo Asset Management Security Bulletins 

IBM has released Maximo Asset Management Security Bulletins this week.  The links to the bulletins are below.  The bulletins contain information regarding when, where, and/or how to address the vulnerability. 

Security bulletin: Security Bulletin: Maximo Asset Management: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2024 - Includes Oracle April 2024 CPU plus CVE-2023-38264 – 

https://www.ibm.com/support/pages/node/7155800?myns=swgother&mynp=OCSSLLAM&mynp=OCSSLKSJ&mynp=OCSSG2D3&mynp=OCSSLL84&mynp=OCSSLL9Z&mynp=OCSSWT9A&mynp=OCSS5RRF&mynp=OCSSKVFR&mynp=OCSSLL9G&mynp=OCSSLL8M&mynp=OCSSLKT6&mync=E&cm_sp=swgother-_-OCSSLLAM-OCSSLKSJ-OCSSG2D3-OCSSLL84-OCSSLL9Z-OCSSWT9A-OCSS5RRF-OCSSKVFR-OCSSLL9G-OCSSLL8M-OCSSLKT6-_-E 
View full post