CL/SuperSession APPCLASS member is not configured in accordance with the proper security requirements.
An XCCDF Rule
Description
<VulnDiscussion>CL/SuperSession configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-224288r519736_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
The Systems Programmer and IAO will ensure that the parameter options for member APPCLASS are coded to the below specifications.
Review the member APPCLASS in the TLVPARM DD statement concatenation of the CL/SuperSession STC procedure. (This member is located in SYS3.OMEGAMON.qualifier.RLSPARM.) Ensure all session manager security parameters and control options are in compliance according to the following:
VGWAPLST EXTERNAL=APL