IDMS must protect against the use of default userids.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-251594 | IDMS-DB-000140 | SV-251594r807649_rule | Low |
| Description |
|---|
| Default sign-ons can be used by individuals to perform adverse actions anonymously. |
| STIG | Date |
|---|---|
| CA IDMS Security Technical Implementation Guide | 2022-09-07 |
Details
| Check Text ( C-55029r807647_chk ) |
|---|
| Examine load module "RHDCSRTT" by executing CA IDMS utility "IDMSSRTD", or by issuing command "DCMT DISPLAY SRTT" while signed onto the CV, and reviewing the output. Note: This requires PTFs SO07995 and SO09476. If the TYPE=INITIAL #SECRTT has DFLTSGN=YES specified, this is a finding. If DFLTUID is defined, this is a finding. |
| Fix Text (F-54983r807648_fix) |
|---|
| Set DFLTSGN=NO and remove the DFLTUID from the #SECRTT INITIAL macro that is input to the RHDCSRTT module, then reassemble and relink RHDCSRTT. After making the above changes, assemble and link RHDCSRTT to create a new SRTT. To implement the new SRTT, either recycle any CVs that use the SRTT or issue these commands: DCMT VARY NUCLEUS MODULE RHDCSRTT NEW COPY DCMT VARY NUCLEUS RELOAD |