Security Bulletin: XSS, Gain Privileges, Improper Access Control vulnerabilities in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and SmartCloud Control Desk. See Details for CVE IDs. VULNERABILITY DETAILS: Customers who have Maximo Asset Management, Maximo Asset Management Essentials, Tivoli Asset Management for IT, Tivoli Service [...]
IBM: Potential security vulnerabilities with JavaTM SDKs
January 9, 2013 by Leave a Comment
Security Bulletin: Asset and Service Mgmt Products – Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. See Vulnerability Details for CVE IDs. [Continue reading...]
Create a custom dialog to email a BIRT report
June 7, 2012 by Leave a Comment
This tutorial on “How To Create A Custom Dialog Box In Maximo Allowing User To Email BIRT Report“ comes from Daniel Ng and it’s probably one of the best, if not the best Maximo tutorials out there, even better than mine! I have to give credit where credit is due and I admire him. This is [...]
Secure MIF web service methods with native authentication
January 3, 2012 by 1 Comment
By default, MIF web services are unsecure, but if you are using native Maximo security and not LDAP, you can secure MIF web services with this configuration change. Normally Web Services and HTTP Servelets are secured using the MEAWEB Web.xml descriptor to map the maximousers security role in the Application Server to each service. If [...]
Security Update: Maximo update for potential security exposure with IBM HTTP Server
September 13, 2011 by Leave a Comment
Maximo products using WebShere and IBM HTTP Server are exposed to potential security exploit (PM46234) (CVE-2011-3192). This exploit allows HTTP requests using byte ranges to contain ranges larger than the size of the file being served. Performing a significant number of these requests can result in a denial of service. All customers using IBM HTTP [...]
Adding users in Maximo even when using LDAP authentication or mxe.useAppServerSecurity=true
August 23, 2011 by 7 Comments
If you have setup Maximo to use LDAP authentication and you try to go into the Users application and try to create a new record, you will get this error message: “You are using app server security, therefore you cannot call this method”. So what are the reasons for wanting to create a user in [...]
Everything you need to know about IBM Maximo 7.5
May 19, 2011 by Leave a Comment
Here is a complete rundown of what you need to know about the latest release of Maximo Asset Management 7.5 from IBM. What’s New? What’s new in IBM Maximo 7.5? IBM Maximo 7.5 preview site (try it quick before IBM takes it down) Downloading IBM Maximo 7.5 Download the latest release from IBM PassPort advantage [...]
Maximo 6 Go To navigation sub menu not working
April 19, 2011 by Leave a Comment
Recently there have been a lot of questions regarding why suddenly the Maximo 6 go to navigation menu stopped working. The culprit is a Microsoft security update. IBM is aware of this issue and is working on a resolution. The temporary solution is to remove the Microsoft security fix KB2497640. [Maximo navigation not working via IBM [...]
Configuring conditional security in Maximo
March 17, 2011 by 1 Comment
Here are a couple flash videos with audio from IBM support that show how to setup some conditional security. This first video shows how to configure required fields using attribute restrictions. In this example, a required field is needed when the workorder is set to a certain priority. Watch Part 1 Video This second video [...]
