STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM Privilege Class F must be restricted to service representatives and system administrators only.

DISA Rule

SV-93663r1_rule

Vulnerability Number

V-78957

Group Title

SRG-OS-000324-GPOS-00125

Rule Version

IBMZ-VM-001200

Severity

CAT II

CCI(s)

CCI-002235 - The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Weight

Fix Recommendation

Configure CP Privilege Class F to service representatives and system administrators only.

Check Contents

Examine user directory definitions to determine Privilege Class.

If CP Privilege Class F is assigned to anyone other than a service representative or system administrator, this is a finding.

Vulnerability Number

V-78957

Documentable

False

Rule Version

IBMZ-VM-001200

Severity Override Guidance

Examine user directory definitions to determine Privilege Class.

If CP Privilege Class F is assigned to anyone other than a service representative or system administrator, this is a finding.

Check Content Reference

Target Key

3211

The IBM z/VM Privilege Class F must be restricted to service representatives and system administrators only.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments