ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
In DLP version 12.0 and prior, administrators can bypass the reset on their passwords to strong versions
Article ID: 161360
Data Loss Prevention Enforce
When enabling strong password enforcement in DLP versions 12.0 and prior, administrators are able to specify existing weak password in the password update dialogue without error, allowing them to continue to use the weak password.
Symantec implemented a fix for this in DLP 12.5. It is strongly recommended that customers upgrade to this build to address this vulnerability.