To add, if anyone has specific information about the criticality of the vulnerability (for those who do not have Maximo as an external facing application), this information would be helpful as well.
------------------------------
Alex Vergara
------------------------------
Original Message:
Sent: Tue June 27, 2023 11:24 AM
From: Alex Vergara
Subject: Security Patch for v7.6.1.2 / 7.6.1.3
Hi all,
We were recently informed of the IBM security bulletin regarding the vulnerability in Apache Commons BCEL used by IBM Maximo Asset Management (CVE-2022-42920). This is a security patch we'll need to expedite and apply to our production environments prior to a major system go live that is integrated with our instance of Maximo in less than 2 weeks, which means having to rush the testing process for this patch. Have any others already implemented this security patch? If so, has anyone encountered any unanticipated issues with implementing the patch?
Thanks all!
------------------------------
Alex Vergara
------------------------------