Important security alert

Important Maximo Security Patch

David Miller Asset Systems, Managed Service Support, News & Announcements

IBM has made us aware of a recently-discovered security vulnerability in IBM Maximo (CVE-2019-4478), which affects installed Maximo environments. This vulnerability has the potential of allowing an authenticated user to access information they should not normally have access to. Although the vulnerability has an overall rating of 6.5 (moderate), the impact is rated “High” for confidentiality. IBM has released a …

Under default configurations, some Maximo sites may be communicating passwords with the domain controller in clear text

Microsoft’s March Security Update impact for all Maximo sites using LDAP authentication

Azmul Khan EAM

The Microsoft Windows update due for release on 10 March 2020 will provide new options for administrators to harden the configurations for LDAP channel binding on Active Directory domain controllers. All Maximo sites that use LDAP to authenticate users against Active Directory should be aware of this change, its immediate impact, and the opportunities it presents to better protect the …