IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 166626.Referenceshttps://www.ibm.com/support/pages/security-bulletin-ibm-security-key-lifecycle-manager-uses-weak-password-policy-cve-2019-4565https://exchange.xforce.ibmcloud.com/vulnerabilities/166626
