Interloc Solutions Blog

Maximo Application Suite Security Bulletins - 7/11/24

Written by Darlene Nerden | Jul 11, 2024 9:26:15 PM

IBM has released Maximo Application Suite Security Bulletins this week.  The links to the bulletins are below.  The bulletins contain information regarding when, where, and/or how to address the vulnerability.

 

Security bulletin: Security Bulletin: IBM Maximo Application Suite - IoT Component uses Kafka - 3.0.2 which is vulnerable to CVE-2024-27309 –  

https://www.ibm.com/support/pages/node/7158049?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application Suite - follow-redirects-1.15.4.tgz and follow-redirects-1.15.5.tgz are vulnerable to CVE-2024-28849 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7158774?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application suite - express-4.18.2.tgz is vulnerable to CVE-2024-29041 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7158771?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application Suite - bcprov-jdk18on-1.76.jar is vulnerable to CVE-2024-30171 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7158768?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application Suite - torch-1.13.1-cp37-cp37m-manylinux1_x86_64.whl is vulnerable to multiple security CVEs used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7158773?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application Suite - jose4j is vulnerable to CVE-2023-51775 used in IBM Maximo Application Suite - Monitor Component -  

https://www.ibm.com/support/pages/node/7158770?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application Suite - gunicorn-20.1.0-py3-none-any.whl is vulnerable to CVE-2024-1135 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7158769?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 

Software: Security Bulletin: Maximo Application Suite - Multiple Netty package is vulnerable to CVE-2024-29025 used in IBM Maximo Application Suite - Monitor Component –  

https://www.ibm.com/support/pages/node/7158772?myns=swgother&mynp=OCSSRHPA&mync=E&cm_sp=swgother-_-OCSSRHPA-_-E 

 
View full post