IDMS components that cannot be uninstalled must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-251610 | IDMS-DB-000300 | SV-251610r960963_rule | CCI-000381 | low |
| Description | ||||
| DBMSs must adhere to the principles of least functionality by providing only essential capabilities. At installation, all CA IDMS products are installed but can be disabled (i.e., forced to fail if invoked). | ||||
| STIG | Date | |||
| CA IDMS Security Technical Implementation Guide | 2024-09-13 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-7
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.4.6
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000381
1.00
- DISA · V2R1 · disa_xccdf · related
Details
Check Text (C-251610r960963_chk)
Log on to IDMS DC system and issue DCPROFIL. Scroll to the Product Intent Status screen. If any unused product has a status of "YES", this is a finding.
Fix Text (F-54999r807696_fix)
Edit RHDCPINT source and remove or comment out products identified as unused. Reassemble, relink, and implement changes by either recycling any affected CV or by issuing the following commands in any affected CV:
DCMT VARY NUCLEUS MODULE RHDCPINT NEW COPY
DCMT VARY NUCLEUS RELOAD