Log4J Security Vulnerability System Patching for WebSphere

At the end of 2021, many companies were faced with the log4j security vulnerabilities. This was a worldwide security that has caused a lot of problems. For users of IBM Maximo, their Maximo environments were not affected, however WebSphere was impacted. The vulnerability caused Apache Log4j to allow a remote attacker to execute arbitrary code on the system. If an attacker were to access the system they would be able to write access to the Log4j configuration and de-serialize untrusted data. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM has released a fixed for this issue in which the update removes the Apache Log4j from Admin Console and UDDI Registry application. The Log4j security vulnerability is resolved by upgrading WebSphere to 9.0.5.10 or newer versions. If you are running on any 8.0 version of WebSphere then upgrading to 8.5.5.20 or newer version will remedy the issue as well.

 

How to update WebSphere to the current version.

  1. Log into Maximo and go to System Information. Observe the WebSphere version.

ibm maximo system information websphere log4j security vulnerability blog

  1. Next, open the Services application and stop the following WebSphere services: IBM HTTP Server V9.0, IBM WebSphere Application Server V9.0-ctgCellManager01, IBM WebSphere Application Server V9.0-ctgNode01.

ibm maximo security patch log4j update fix

  1. Open the application, “IBM Installation Manager”.

a3j group troubleshooting ibm maximo blog log4j issue update

  1. After IBM Installation Manager opens, Click on “Update”

ibm installation manager update ibm maximo websphere log4j issue

5. Observe to see all of the packages that are available for an update. Click on the checkbox, “Update all packages with recommended updates and recommended fixes”

troubleshoot ibm maximo update websphere log4j issue a3j group

6. Log into your IBM account to download the recommended updates and fixes, then click “Next” after it finishes searching for the updates.

a3j group blog ibm maximo issue fix log4j websphere update

7. Accept the terms in the license agreements to proceed with the update.

ibm maximo patch log4j issue websphere update system

  1. In this view you can observe all of the updates that are going to occur before you click on the “Update” button. Then, click on Update.

a3j group blog patch ibm maximo log4j security vulnerability websphere update

  1. At this point, we have successfully updated WebSphere with all the recommended fixes and updates. Click “Finish”

ibm maximo blog a3j group websphere fix log4j security update

  1. Open the Services application, Start WebSphere back up by starting the following services: IBM HTTP Server V9.0, IBM WebSphere Application Server V9.0-ctgCellManager01, IBM WebSphere Application Server V9.0-ctgNode01.

security patch ibm maximo websphere integration log4j update a3j group blog

  1. Log into Maximo and go to System Information. Observe the new WebSphere version.

ibm maximo websphere integration security patch log4j issue blog update a3j group

Once, you have confirmed that your WebSphere system has been updated, you can rest assured that your Log4J security vulnerability has been remedied. As humans become more involved with technology and dependent on systems to run daily business operations, it is increasingly important to stay mindful of these types of breach opportunities. Emphasizing monitoring and remaining informed on the latest security vulnerabilities is imperative if you want your systems to remain impenetrable. Hopefully, this guide served you well in patching the Log4J security vulnerability! If you would like to receive an email when we post a new blog, subscribe below.

 

 

 

Editing Font Sizes in IBM Maximo – Long Description and Log Defaults

How to change the Long Description and Log Default font sizes for all apps in IBM Maximo:

If you’re like me, you might not have the greatest eyesight in the world. Logs and long descriptions in IBM Maximo are a very useful way to let your co-workers know:

  1. What’s going on with a particular Work Order
  2. Asset, Purchase Order, Item or any of the various applications that would need more description, or a log information put onto it.

IBM Maximo defaults the size for the Long Descriptions and Logs to xx-small type. It’s great for fitting a lot more on a little page. However, it’s very hard to read and for the majority of the world’s population, we need glasses to do so. This begs the question, “Can I customize my Maximo user interface to improve these issues?” The Short

 

How do we go about making the font size larger?

Open the Long Description or Log. From the middle drop-down column (size) you can choose your font size.

The catch…

You must go into system properties and make a change to the global property (webcient.richtext.blocknode.)

If you do not take the step above, each carriage return (geek speak for hitting enter) makes the font size small again. Every subsequent Log or Description that you edit will also need to be changed when you open it to edit.

Is there a way to just have the font size bigger than xx-small in when you open any new or old log or long description in IBM Maximo?

The answer is yes, but you’ll have to roll your sleeves up and do a little bit of work to make it so.

Font sizes in IBM Maximo’s Long Descriptions and Logs revolve around the rich text editor. The rich text editor does not allow for sizing fonts easily. With some determination, you can get those fonts changed into something you won’t have to strain your eyes to read. If you want to make those Long Descriptions and Logs readable then you’re going to have to edit some CSS (cascading style sheets) files. CSS allows for bulk “styles” to re-occur across the website that they are applied to. IBM Maximo is a web application, so this is where we start.

Here’s how…

Buried in the IBM Maximo directories are files that make Maximo work. The ear file will be our focus, but there are others that also assist in Maximo’s functionality. On the application server (the machine that hosts IBM Maximo), you will have a directory that gets installed that contains the CSS information to display Maximo. Navigate to [maximo-folder]\applications\maximo\maximouiweb\webmodule\webclient\css and search for the ‘extended.css’ file. Open it and add the following lines of code to the end of the page.

#dijitEditorBody {

Font-size: 20px

}

 

The second location of an extended.css file that needs to be edited is in the following path, [maximo-folder]\applications\maximo\maximouiweb\webmodule\webclient\skins\iot18\css.

For the latest versions of IBM Maximo (7.6+), the iot18 folder is significant. The reason for this is, other articles mention to add the edited extended.css file to a folder called tivoli09. To save time, understand that the Tivoli directories were made for older versions of Maximo like 7.5 and prior. If you are using a newer version of Maximo look for the iot18 directory. You will edit this extended.css file in the same manner as the last one by adding the lines below to the end of the css file:

#dijitEditorBody {

Font-size: 20px

}

Next, you will need to rebuild the ear file for IBM Maximo and re-deploy it to your Maximo user interface. The 20px setting will default the text to medium in the logs and Long Descriptions.

Originally there were some hesitations on using CSS to fix this problem. It was thought that the change could affect the reports and the way they looked when generated. We have not seen that happen after making these changes.

We want to hear your thoughts about our helpful guide. Please comment below or send your inquiries to:

info@a3jgroup.com

Stay tuned for more helpful articles that will #MaximizeYourMaximo experience and the capabilities of your user interface!