ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

In DLP version 12.0 and prior, administrators can bypass the reset on their passwords to strong versions

book

Article ID: 161360

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

When enabling strong password enforcement in DLP versions 12.0 and prior, administrators are able to specify existing weak password in the password update dialogue without error, allowing them to continue to use the weak password.

Resolution

Symantec implemented a fix for this in DLP 12.5. It is strongly recommended that customers upgrade to this build to address this vulnerability.