STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Version: 1 Release: 5 Benchmark Date: 20 Jan 2015:

Processor Resource/Systems Manager (PR/SM) must not allow unrestricted issuing of control program commands.

DISA Rule

SV-30055r2_rule

Vulnerability Number

V-24380

Group Title

HLP0030

Rule Version

HLP0030

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Review the Security Definition parameters specified under PR/SM, and turn off the Cross Partition Control option.

Check Contents

Using the Hardware Management Console, verify that the Logical Partitions cannot issue control program commands to another Logical Partition. Use the PR/SM panel, known as the Security Definitions Page, to do this. The Cross Partition Control option must be turned off.

NOTE: The default is that the Cross Partition Control option is turned off.

If Processor Resource/Systems Manager (PR/SM) allows unrestricted issuing of control program commands then this is a FINDING

Vulnerability Number

V-24380

Documentable

False

Rule Version

HLP0030

Severity Override Guidance

Using the Hardware Management Console, verify that the Logical Partitions cannot issue control program commands to another Logical Partition. Use the PR/SM panel, known as the Security Definitions Page, to do this. The Cross Partition Control option must be turned off.

NOTE: The default is that the Cross Partition Control option is turned off.

If Processor Resource/Systems Manager (PR/SM) allows unrestricted issuing of control program commands then this is a FINDING

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

1891

Comments