The IBM z/VM TCP/IP configuration must include an SSLSERVERID statement.
DISA Rule
SV-93565r1_rule
Vulnerability Number
V-78859
Group Title
SRG-OS-000033-GPOS-00014
Rule Version
IBMZ-VM-000110
Severity
CAT II
CCI(s)
- CCI-000068 - The information system implements cryptographic mechanisms to protect the confidentiality of remote access sessions.
- CCI-001453 - The information system implements cryptographic mechanisms to protect the integrity of remote access sessions.
- CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.
- CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.
- CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.
- CCI-002890 - The information system implements cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.
- CCI-003123 - The information system implements cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications.
Weight
10
Fix Recommendation
Configure the “SSLSERVERID” statement to force auto logging of an SSL server before all other servers in the “AUTOLOG” list.
Check Contents
Examine the “SSLSERVERID” statement in the TCP/IP server configuration file.
If the “SSLSERVERID” statement identifies at least one userID for an SSL server, this is not a finding.
Documentable
False
Severity Override Guidance
Examine the “SSLSERVERID” statement in the TCP/IP server configuration file.
If the “SSLSERVERID” statement identifies at least one userID for an SSL server, this is not a finding.
Check Content Reference
M
Target Key
3211