STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product ADMIN GLOBALS command must be restricted to systems programming personnel.

DISA Rule

SV-93597r1_rule

Vulnerability Number

V-78891

Group Title

SRG-OS-000132-GPOS-00067

Rule Version

IBMZ-VM-000690

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Configure grant statements in the “AUTHORIZ” file using the “ADMIN GLOBALS” command that list Sys Admins only.

Check Contents

Examine the “AUTHORIZ” config file.

If authorization to “ADMIN GLOBALS” is granted to “SYS Admin”, this is not a finding.

Vulnerability Number

V-78891

Documentable

False

Rule Version

IBMZ-VM-000690

Severity Override Guidance

Examine the “AUTHORIZ” config file.

If authorization to “ADMIN GLOBALS” is granted to “SYS Admin”, this is not a finding.

Check Content Reference

M

Target Key

3211

Comments