UCF STIG Viewer Logo

IDMS must suppress security-related messages so that no information is returned that can be exploited.


Overview

Finding ID Version Rule ID IA Controls Severity
V-251624 IDMS-DB-000530 SV-251624r807739_rule Medium
Description
Error messages issued to non-privileged users may have contents that should be considered confidential. IDMS should be configured so that these messages are not issued to those users.
STIG Date
CA IDMS Security Technical Implementation Guide 2022-09-07

Details

Check Text ( C-55059r807737_chk )
Log on to IDMS DC system and issue "DCPROFIL". Scroll to the OPTION FLAGS screen. If "OPT00051" is not listed, this is a finding.

For IDMS LOG messages, if OPT00226 is not listed, this is a finding.
Fix Text (F-55013r807738_fix)
Reassemble, relink, and reload (V NC) RHDCOPTF with #DEFOPTF OPT00051 (for messages sent to user) and optional #DEFOPTF OPT00226 (for messages sent to IDMS log).