CVE-2020-4574

High

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers…

ibm·CWE-521·Published 2020-07-29

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

190 chars

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 184181.

NVDen

190 chars

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 184181.

IBM Tivoli Key Lifecycle Manager, no requiere que los usuarios deban tener contraseñas seguras por defecto, lo que facilita a atacantes comprometer cuentas de usuario. IBM X-Force ID: 184181

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	cve.org	7.4	—	—	CVSS:3.0/S:C/UI:R/PR:N/AV:N/I:N/C:H/AC:L/A:N/RC:C/RL:O/E:U
3.0	Primary	cve.org	7.4	—	—	CVSS:3.0/S:C/UI:R/PR:N/AV:N/I:N/C:H/AC:L/A:N/RC:C/RL:O/E:U
3.0	Secondary	NVD	7.4	2.8	4.0	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N