STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM CP Privilege Class A, B, and D must be restricted to appropriate system operators.

DISA Rule

SV-93639r1_rule

Vulnerability Number

V-78933

Group Title

SRG-OS-000324-GPOS-00125

Rule Version

IBMZ-VM-001010

Severity

CAT II

CCI(s)

CCI-002235 - The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Weight

Fix Recommendation

Ensure that non-privilege users are not assigned CP Privilege Class A, B, or D.

Check Contents

Examine user directory definitions to determine CP Privilege class.

If CP Privilege Class A, B, or D is assigned to non-privilege users, this is a finding.

Vulnerability Number

V-78933

Documentable

False

Rule Version

IBMZ-VM-001010

Severity Override Guidance

Examine user directory definitions to determine CP Privilege class.

If CP Privilege Class A, B, or D is assigned to non-privilege users, this is a finding.

Check Content Reference

Target Key

3211

The IBM z/VM CP Privilege Class A, B, and D must be restricted to appropriate system operators.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments