STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The SSH CLI of the MQ Appliance network device must terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after 10 minutes of inactivity except to fulfill documented and validated mission requirements.

DISA Rule

SV-89653r1_rule

Vulnerability Number

V-74979

Group Title

SRG-APP-000190-NDM-000267

Rule Version

MQMH-ND-000760

Severity

CAT II

CCI(s)

• CCI-001133 - The information system terminates the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Weight

10

Fix Recommendation

Log on to the MQ Appliance CLI as a privileged user.

Enter:
co
rbm
idle-timeout <600 seconds or less>
exit
write mem
y

Check Contents

Log on to the MQ Appliance CLI as a privileged user.

Enter:
co
rbm
show

If the idle-timeout value is not 600 seconds or less, this is a finding.

Vulnerability Number

V-74979

Documentable

False

Rule Version

MQMH-ND-000760

Severity Override Guidance

Log on to the MQ Appliance CLI as a privileged user.

Enter:
co
rbm
show

If the idle-timeout value is not 600 seconds or less, this is a finding.

Check Content Reference

M

Target Key

3243

Comments