Question & Answer
Question
Does the Spring Framework (spring4shell) vulnerability affect Maximo Asset Management or Maximo Application Suite environments?
Answer
The vulnerability affects Spring instances with JDK versions 9.0 or higher.
WebSphere Application Server does not ship Spring MVC code. Maximo Asset Management is deployed to WebSphere versions 8.5.x or 9.0.x Those versions use JDK 8 (and earlier).
Maximo uses JDK 8.
Related Information
[{"Type":"MASTER","Line of Business":{"code":"LOB02","label":"AI Applications"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSLKT6","label":"IBM Maximo Asset Management"},"ARM Category":[{"code":"a8m3p000000F81QAAS","label":"Maximo Application Suite->Security"},{"code":"a8m0z000000cvcNAAQ","label":"Security"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.6.1"},{"Type":"MASTER","Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRHPA","label":"IBM Maximo Application Suite"},"ARM Category":[{"code":"a8m3p000000F81QAAS","label":"Maximo Application Suite->Security"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
08 April 2022
UID
ibm16569553