Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
CL/SuperSession is not properly defined to the Facility Matrix Table for Top Secret.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-17469 | ZCLST036 | SV-27240r1_rule | Medium |
| Description |
|---|
| Improperly defined security controls for the Product could result in the compromise of the network, operating system, and customer data. |
| STIG | Date |
|---|---|
| z/OS CL/SuperSession for TSS STIG | 2017-06-26 |
Details
| Check Text ( C-3215r1_chk ) |
|---|
| a) Refer to the following report produced by the TSS Data Collection: - TSSCMDS.RPT(FACLIST) - Preferred report containing all control option values in effect including default values - TSSCMDS.RPT(TSSPRMFL) - Alternate report containing only control option values explicitly coded at TSS startup b) If KLS is properly defined in the Facility Matrix table, there is NO FINDING: c) If KLS is improperly defined in the Facility Matrix table, this is a FINDING. |
| Fix Text (F-6659r1_fix) |
|---|
| Define the CT/Engine started task name KLS as a Facility to TOP SECRET in the Facility Matrix Table using the following example: *KLS CL/SUPERSESSION FACILITY(USERxx=NAME=KLS) FACILITY(KLS=MODE=FAIL,ACTIVE,SHRPRF) FACILITY(KLS=PGM=KLV,NOASUBM,NOABEND,NOXDEF) FACILITY(KLS=ID=xx,MULTIUSER,RES,LUMSG,STMSG,WARNPW,SIGN(M)) FACILITY(KLS=NOINSTDATA,NORNDPW,AUTHINIT,NOPROMPT,NOAUDIT) FACILITY(KLS=NOTSOC,LOG(INIT,SMF,MSG,SEC9)) |