STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

CA-TSS Batch ACID(s) submitted through RJE and NJE must be sourced.

DISA Rule

SV-223950r561402_rule

Vulnerability Number

V-223950

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

TSS0-ES-000770

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Ensure that all static batch ACIDs (ACIDs whose passwords never change) originating from a physical reader, RJE, or NJE are sourced to those readers such as (INTRDR, N12.IR, etc.) with the appropriate source Syntax. Example: TSS ADD(batch-acid) SOURCE(device)

Develop a plan of action and implement the changes as specified.

Check Contents

Refer to data obtained from the site installation identifying batch type ACIDs.

If all static batch ACIDs (ACIDs whose passwords never change) originating from a physical reader, RJE, or NJE are sourced to those readers such as (INTRDR, N12.IR, etc.) with the appropriate source Syntax, this is not a finding.

Vulnerability Number

V-223950

Documentable

False

Rule Version

TSS0-ES-000770

Severity Override Guidance

Refer to data obtained from the site installation identifying batch type ACIDs.

If all static batch ACIDs (ACIDs whose passwords never change) originating from a physical reader, RJE, or NJE are sourced to those readers such as (INTRDR, N12.IR, etc.) with the appropriate source Syntax, this is not a finding.

Check Content Reference

M

Target Key

4102

Comments