IBM RACF must define WARN = NO on all profiles.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223703 | RACF-ES-000560 | SV-223703r991591_rule | CCI-000366 | high |
| Description | ||||
| Failure to restrict system access to authenticated users negatively impacts operating system security. | ||||
| STIG | Date | |||
| IBM z/OS RACF Security Technical Implementation Guide | 2025-06-24 | |||
Details
Check Text (C-223703r991591_chk)
Review all Dataset and resource profiles in the RACF database.
If any are not defined with WARN = NO, this is a finding.
Fix Text (F-25364r514798_fix)
Define each dataset and resource profile with WARN = NO