V-6958 | High | WebSphere MQ channel security must be implemented in accordance with security requirements. | WebSphere MQ Channel security can be configured to provide authentication, message privacy, and message integrity between queue managers. Secure Sockets Layer (SSL) uses encryption techniques,... |
V-6960 | High | Websphere MQ switch profiles must be properly defined to the MQADMIN class.
| WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6959 | Medium | WebSphere MQ security class(es) is(are) defined improperly. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-3903 | Medium | User timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.
| Users signed on to a WebSphere MQ queue manager could leave their terminals unattended for long periods of time. This may allow unauthorized individuals to gain access to WebSphere MQ resources... |
V-31561 | Medium | Production WebSphere MQ Remotes must utilize Certified Name Filters (CNF) | IBM Websphere MQ can use a user ID associated with an ACP certificate as a channel user ID. When an entity at one end of an SSL channel receives a certificate from a remote connection, the entity... |
V-3904 | Medium | WebSphere MQ started tasks are not defined in accordance with the proper security requirements. | Started tasks are used to execute WebSphere MQ queue manager services. Improperly defined WebSphere MQ started tasks may result in inappropriate access to application resources and the loss of... |
V-3905 | Medium | WebSphere MQ all update and alter access to MQSeries/WebSphere MQ product and system data sets are not properly restricted | MVS data sets provide the configuration, operational, and executable properties of WebSphere MQ. Some data sets are responsible for the security implementation of WebSphere MQ. Failure to... |
V-6964 | Medium | WebSphere MQ dead letter and alias dead letter queues are not properly defined. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6962 | Medium | WebSphere MQ MQCONN Class resources must be protected properly. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6980 | Medium | WebSphere MQ channel security is not implemented in accordance with security requirements. | WebSphere MQ channel security can be configured to provide authentication, message privacy, and message integrity between queue managers. WebSphere MQ channels use SSL encryption techniques,... |
V-6973 | Medium | WebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6965 | Medium | WebSphere MQ queue resource defined to the MQQUEUE resource class are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6966 | Medium | WebSphere MQ Process resources are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6967 | Medium | WebSphere MQ Namelist resources are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6971 | Medium | WebSphere MQ context resources defined to the MQADMIN resource class are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6975 | Medium | WebSphere MQ RESLEVEL resources in the MQADMIN resource class are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |
V-6969 | Medium | WebSphere MQ alternate user resources defined to MQADMIN resource class are not protected in accordance with security requirements. | WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security... |