STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS must not have Inaccessible APF libraries defined.

DISA Rule

SV-224007r561402_rule

Vulnerability Number

V-224007

Group Title

SRG-OS-000095-GPOS-00049

Rule Version

TSS0-OS-000110

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Review the entire list of APF authorized libraries and remove those that are no longer valid designations.

Check Contents

Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper APF and/or PROG member.
Examine each entry and verify that it exists on the specified volume.

If inaccessible APF libraries exist, this is a finding.

ISRDDN APF

Vulnerability Number

V-224007

Documentable

False

Rule Version

TSS0-OS-000110

Severity Override Guidance

Refer to IEASYS00 member in SYS1.PARMLIB Concatenation. Determine proper APF and/or PROG member.
Examine each entry and verify that it exists on the specified volume.

If inaccessible APF libraries exist, this is a finding.

ISRDDN APF

Check Content Reference

M

Target Key

4102

Comments