Security Bulletin: Maximo Application Suite - bcprov-jdk18on-1.76.jar is vulnerable to CVE-2024-30171 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses bcprov-jdk18on-1.76.jar which is vulnerable to CVE-2024-30171. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-30171 DESCRIPTION: The Bouncy Castle Crypto Package For Java...

Security Bulletin: VMware Tanzu Spring Framework is vulnerable to multiple security CVEs used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMWare Tanzu Spring Framework which is vulnerable to multiple security CVEs. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22262 DESCRIPTION: VMware Tanzu Spring Framewo...

Security Bulletin:Tensorflow, which is vulnerable to multiple security CVEs, is used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Tensorflow which is vulnerable to multiple security CVEs. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-25658 DESCRIPTION: TensorFlow is vulnerable to a denial of servic...

Security Bulletin: Node.js IP is vulnerable to CVE-2023-42282 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Node.js IP which is vulnerable to CVE-2023-42282. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-42282 DESCRIPTION: Node.js IP package could allow a remote attacker to...

Security Bulletin: Follow-redirects is vulnerable to CVE-2023-26159 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses follow-redirects which is vulnerable to CVE-2023-26159. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to...

Security Bulletin: urllib3 is vulnerable to CVE-2023-45803 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses urllib3 which is vulnerable to CVE-2023-45803. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obta...

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-46158 and CVE-2023-44483 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-46158 and CVE-2023-44483. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM...

Security Bulletin: Netty-codec-http2 is vulnerable to CVE-2023-44487 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses netty-codec-http2 which is vulnerable to CVE-2023-44487. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial of...

Security Bulletin: Axios is vulnerable to CVE-2023-45857 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Axios which is vulnerable to CVE-2023-45857. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by...

Security Bulletin: Scipy is vulnerable to CVE-2023-25399 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses scipy which is vulnerable to CVE-2023-25399. Vulnerability Details CVEID:CVE-2023-25399 DESCRIPTION: SciPy is vulnerable to a denial of service, caused by a memory leak flaw in the PyFindObjects function due to new reference is not...

Security Bulletin: VMware Tanzu Spring Security is vulnerable to CVE-2023-34042 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Security, which is vulnerable to CVE-2023-34042. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could...

Security Bulletin: Netty is vulnerable to CVE-2023-4586 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses netty which is vulnerable to CVE-2023-4586. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-4586 DESCRIPTION: Netty is vulnerable to a man-in-the-middle attack, caused by th...

Security Bulletin: Tornado is vulnerable to 263690 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses tornado, which is vulnerable to 263690. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details IBM X-Force ID: 263690 DESCRIPTION: Tornado Web Server is vulnerable to HTTP request smuggling, caus...

Security Bulletin: JSON-java is vulnerable to CVE-2023-5072 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses JSON-java, which is vulnerable to CVE-2023-5072. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: JSON-java is vulnerable to a denial of service, caused by ...

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-38737 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-38737. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-38737 DESCRIPTION: IBM WebSphere Application...

Security Bulletin: Pydash is vulnerable to CVE-2023-26145 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses pydash, which is vulnerable to CVE-2023-26145. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-26145 DESCRIPTION: Python pydash package could allow a remote attacker to...

Security Bulletin: Snappy-java is vulnerable to CVE-2023-43642 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses snappy-java which is vulnerable to CVE-2023-43642. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-43642 DESCRIPTION: snappy-java is vulnerable to a denial of service, cause...

Security Bulletin: Urllib3 is vulnerable to CVE-2023-43804 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses urllib3 which is vulnerable to CVE-2023-43804. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obta...

Security Bulletin: mas-data-dictionary-lib-1.0.3.jar is vulnerable to CVE-2022-1471, CVE-2023-1370, and PRISMA-2023-0067 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses mas-data-dictionary-lib-1.0.3.jar which is vulnerable to CVE-2022-1471, CVE-2023-1370, and PRISMA-2023-0067. Vulnerability Details CVEID: CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute...

Security Bulletin: Systeminformation is vulnerable to CVE-2023-42810 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses systeminformation which is vulnerable to CVE-2023-42810. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-42810 DESCRIPTION: systeminformation could allow a remote attacker ...