Maintenance for security-related software updates for CA IDMS modules must be provided.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-251650 | IDMS-DB-000890 | SV-251650r1001008_rule | CCI-002605 | medium |
| Description | ||||
| When a problem is found in IDMS, corrective maintenance is published to correct the problem (including security related problems). Published fixes should be applied to the IDMS system to correct any problems found. | ||||
| STIG | Date | |||
| CA IDMS Security Technical Implementation Guide | 2024-09-13 | |||
Related Frameworks
5 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
SI-2
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1713 mappings
3.14.1
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.14.2
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.14.3
1.00
- DISA · V2R1 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-002605
1.00
- DISA · V2R1 · disa_xccdf · related
Details
Check Text (C-251650r1001008_chk)
Determining which PTFs have been applied, a query can be done to an SMP/E CSI using the IBM SMP/E utility.
New and existing PTFs must be reviewed using CA CARS or CSO in a timeframe determined by an authoritative source. If not, this is a finding.
Fix Text (F-55039r807816_fix)
Institute and adhere to policies and procedures to ensure that patches are consistently applied to the IDMS within the time allowed.