STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product PASSWORD user exit must be coded with the PWLIST option properly set.

DISA Rule

SV-93579r1_rule

Vulnerability Number

V-78873

Group Title

SRG-OS-000077-GPOS-00045

Rule Version

IBMZ-VM-000510

Severity

CAT II

CCI(s)

• CCI-000200 - The information system prohibits password reuse for the organization-defined number of generations.

Weight

10

Fix Recommendation

Engineer code in the CA VM:Secure Product PASSWORD user exit that uses a “PWLIST” that prohibits password reuse for five generations.

Check Contents

If there is no CA VM:Secure Product PASSWORD user exit in use, this is a finding.

Examine the CA VM:Secure product PASSWORD user exit for requirement that uses a “PWLIST” option that prohibits password reuse for five generations.

If this code is missing, this is a finding.

Vulnerability Number

V-78873

Documentable

False

Rule Version

IBMZ-VM-000510

Severity Override Guidance

If there is no CA VM:Secure Product PASSWORD user exit in use, this is a finding.

Examine the CA VM:Secure product PASSWORD user exit for requirement that uses a “PWLIST” option that prohibits password reuse for five generations.

If this code is missing, this is a finding.

Check Content Reference

M

Target Key

3211

Comments