CVE-2019-4565

High

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier…

ibm·CWE-521·Published 2019-09-20

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

206 chars

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166626.

NVDen

206 chars

NVDes

240 chars

IBM Security Key Lifecycle Manager versiones 3.0 y 3.0.1, no requiere que los usuarios deban tener contraseñas seguras por defecto, lo que hace más fácil para los atacantes comprometer las cuentas de los usuarios. ID de IBM X-Force: 166626.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	cve.org	5.9	—	—	CVSS:3.0/A:N/S:U/PR:N/UI:N/I:N/AC:H/C:H/AV:N/E:U/RC:C/RL:O