IDMS must allow only authorized users to sign on to an IDMS CV.
An XCCDF Rule
Description
<VulnDiscussion>Unauthorized users signing on to IDMS can pose varying amounts of risk depending upon the security of the IDMS resources in an IDMS CV. Until the IDMS sign-on resource type (SGON) is secured anyone can sign on to IDMS. This risk can be mitigated by securing the SGON resource.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-251584r960792_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
In the source for RHDCSRTT add a #SECRTT entry to secure the sign-on process such as this example:
#SECRTT TYPE=ENTRY, X
RESTYPE=SGON, X
SECBY=EXTERNAL, X
EXTCLS='CA@IDMS', X