CVE-2019-4565

Name of the Vulnerable Software and Affected Versions IBM Security Key Lifecycle Manager versions 3.0 through 3.0.1

Description The issue is related to the default password strength requirements. By default, strong passwords are not required, making it easier for attackers to compromise user accounts.

Recommendations For IBM Security Key Lifecycle Manager versions 3.0 through 3.0.1, consider enforcing strong password policies to mitigate the risk of account compromise. As a temporary workaround, restrict access to sensitive areas of the system until a more robust password requirement is implemented.