Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
IDMS must protect against the use of default userids.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-251594 | IDMS-DB-000140 | SV-251594r807649_rule | Low |
| Description |
|---|
| Default sign-ons can be used by individuals to perform adverse actions anonymously. |
| STIG | Date |
|---|---|
| CA IDMS Security Technical Implementation Guide | 2022-09-07 |
Details
| Check Text ( C-55029r807647_chk ) |
|---|
| Examine load module "RHDCSRTT" by executing CA IDMS utility "IDMSSRTD", or by issuing command "DCMT DISPLAY SRTT" while signed onto the CV, and reviewing the output. Note: This requires PTFs SO07995 and SO09476. If the TYPE=INITIAL #SECRTT has DFLTSGN=YES specified, this is a finding. If DFLTUID is defined, this is a finding. |
| Fix Text (F-54983r807648_fix) |
|---|
| Set DFLTSGN=NO and remove the DFLTUID from the #SECRTT INITIAL macro that is input to the RHDCSRTT module, then reassemble and relink RHDCSRTT. After making the above changes, assemble and link RHDCSRTT to create a new SRTT. To implement the new SRTT, either recycle any CVs that use the SRTT or issue these commands: DCMT VARY NUCLEUS MODULE RHDCSRTT NEW COPY DCMT VARY NUCLEUS RELOAD |