Maintenance for security-related software updates for CA IDMS modules must be provided.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-251650 | IDMS-DB-000890 | SV-251650r1001008_rule | CCI-002605 | medium |
| Description | ||||
| When a problem is found in IDMS, corrective maintenance is published to correct the problem (including security related problems). Published fixes should be applied to the IDMS system to correct any problems found. | ||||
| STIG | Date | |||
| CA IDMS Security Technical Implementation Guide | 2024-09-13 | |||
Details
Check Text (C-251650r1001008_chk)
Determining which PTFs have been applied, a query can be done to an SMP/E CSI using the IBM SMP/E utility.
New and existing PTFs must be reviewed using CA CARS or CSO in a timeframe determined by an authoritative source. If not, this is a finding.
Fix Text (F-55039r807816_fix)
Institute and adhere to policies and procedures to ensure that patches are consistently applied to the IDMS within the time allowed.