STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM RACF must define UACC of NONE on all profiles.

DISA Rule

SV-223777r604139_rule

Vulnerability Number

V-223777

Group Title

SRG-OS-000370-GPOS-00155

Rule Version

RACF-OS-000210

Severity

CAT I

CCI(s)

• CCI-001774 - The organization employs a deny-all, permit-by-exception policy to allow the execution of authorized software programs on the information system.

Weight

10

Fix Recommendation

Define each dataset and resource profile with UACC(NONE)

Check Contents

Review all Dataset and resource profiles in the RACF database.

If any are not defined with UACC NONE, this is a finding.

Vulnerability Number

V-223777

Documentable

False

Rule Version

RACF-OS-000210

Severity Override Guidance

Review all Dataset and resource profiles in the RACF database.

If any are not defined with UACC NONE, this is a finding.

Check Content Reference

M

Target Key

4101

Comments