STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM ANY Privilege Class must not be listed for privilege commands.

DISA Rule

SV-93665r1_rule

Vulnerability Number

V-78959

Group Title

SRG-OS-000324-GPOS-00125

Rule Version

IBMZ-VM-001210

Severity

CAT II

CCI(s)

• CCI-002235 - The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Weight

10

Fix Recommendation

Review the defined-privileged commands.

Assure that CP privileged commands are not defined with a Privilege Class of “ANY”.

Check Contents

Examine defined-privileged commands.

If any of the defined-privileged commands are defined with Privilege Class “ANY”, this is a finding.

Vulnerability Number

V-78959

Documentable

False

Rule Version

IBMZ-VM-001210

Severity Override Guidance

Examine defined-privileged commands.

If any of the defined-privileged commands are defined with Privilege Class “ANY”, this is a finding.

Check Content Reference

M

Target Key

3211

Comments