Documentation - V-224306

V-224306

z/OS IBM CICS Transaction Server for ACF2 Security Technical Implementation Guide

CAT II

Title

CICS default logonid(s) must be defined and/or controlled in accordance with the security requirements.

Description

<VulnDiscussion>CICS is a transaction-processing product that provides programmers with the facilities to develop interactive applications. Improperly defined or controlled CICS userids (i.e., region, default, and terminal users) may provide an exposure and vulnerability within the CICS environment. This could result in the compromise of the confidentiality, integrity, and availability of the CICS region, applications, and customer data.</VulnDiscussion><FalsePositives></FalsePositives><FalseNeg...

Fix Text (Documentation Requirement)

Ensure that the default CICS user is restricted and properly defined. Ensure the following items are in effect for the CICS default logonid(s) (i.e., Browse the ACF2PARM DD statement for DEFAULT TERMINAL=<parameter> and DEFAULT NONTERMINAL=nnnnnnnn): Not granted the ACF2 NON-CNCL privilege. Use the ACF2 LIST command to display the default CICS userid. Example: SET LID LIST CICS CHANGE CICS NONON-CNCL No access to interactive online facilities (e.g., TSO) other than CICS. Use the ACF2 LIST command to display the default CICS userid. Example: SET LID LIST CICS CHANGE CICS NOTSO IDLE(15) field is set to 15 minutes, up to 30 with justification. Use the ACF2 LIST command to display the default CICS userid. Example: SET LID LIST CICS CHANGE CICS IDLE(15) up to 30 with justification Res...

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel