All installation-delivered IDMS Developer-level Programs must be properly secured.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-251591 | IDMS-DB-000110 | SV-251591r960792_rule | CCI-000213 | medium |
| Description | ||||
| Developer-level programs that are not secured may allow unauthorized users to access and manipulate various resources within the DBMS. Satisfies: SRG-APP-000033-DB-000084, SRG-APP-000211-DB-000122 | ||||
| STIG | Date | |||
| CA IDMS Security Technical Implementation Guide | 2024-09-13 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
AC-3
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.1.1
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.1.2
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000213
1.00
- DISA · V2R1 · disa_xccdf · related
Details
Check Text (C-251591r960792_chk)
The following are developer-level batch programs and are executed using JCL rather than the CV. As batch programs, they need to be secured in the external security manager (ESM) rather than through the SRTT.
Validate the following suggested developer-level programs are secured by the ESM.
ADSOBCOM
ADSORPTS
IDMSDMLA
IDMSDMLC
IDMSDMLP
IDMSLOOK
IDMSRPTS
RHDCMAP1
RHDCMPUT
Contact the security office to confirm that the programs in this list are secured. If they are not, this is a finding.
Fix Text (F-54980r807639_fix)
Contact the security office to confirm that the programs in this list are secured via the ESM and assigned to the appropriate users. Each program in the list must be secured.