UCF STIG Viewer Logo

zOS WebsphereMQ for RACF Security Technical Implementation Guide


Overview

Date Finding Count (17)
2021-12-14 CAT I (High): 2 CAT II (Med): 15 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-224558 High WebSphere MQ switch profiles must be properly defined to the MQADMIN class.
V-224551 High WebSphere MQ channel security must be implemented in accordance with security requirements.
V-224559 Medium WebSphere MQ MQCONN Class (Connection) resource definitions must be protected in accordance with security.
V-224555 Medium WebSphere MQ started tasks are not defined in accordance with the proper security requirements.
V-224554 Medium User timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.
V-224557 Medium WebSphere MQ resource classes are not properly actived for security checking by the ACP.
V-224556 Medium WebSphere MQ all update and alter access to MQSeries/WebSphere MQ product and system data sets are not properly restricted
V-224553 Medium Production WebSphere MQ Remotes must utilize Certified Name Filters (CNF)
V-224552 Medium WebSphere MQ channel security is not implemented in accordance with security requirements.
V-224564 Medium WebSphere MQ Alternate User resources defined to MQADMIN resource class are not protected in accordance with security requirements.
V-224565 Medium WebSphere MQ context resources defined to the MQADMIN resource class are not protected in accordance with security requirements.
V-224566 Medium WebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.
V-224567 Medium WebSphere MQ RESLEVEL resources in the MQADMIN resource class are not protected in accordance with security requirements.
V-224560 Medium WebSphere MQ dead letter and alias dead letter queues are not properly defined.
V-224561 Medium WebSphere MQ MQQUEUE (Queue) resource profiles defined to the MQQUEUE class are not protected in accordance with security requirements.
V-224562 Medium WebSphere MQ Process resource profiles defined in the MQPROC Class are not protected in accordance with security requirements.
V-224563 Medium WebSphere MQ Namelist resource profiles defined in the MQNLIST Class are not protected in accordance with security requirements.