Skip to content

Passwords sent through ODBC/JDBC must be encrypted.

An XCCDF Rule

Description

<VulnDiscussion>Unencrypted passwords transmitted from ODBC and JDBC may be intercepted to prevent their being intercepted in a plain-text format.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-251614r807709_rule
Severity
Low
References
Updated



Remediation - Manual Procedure

If using ODBC (with the CCI communications protocol) or a JDBC type 2 driver, SSL encryption can be enabled using CAICCI r2.1 and above. Select the SSL option in the CAICCI properties panel and configure and start the CCISSL task on the mainframe. 

If using ODBC (with the IDMS communications protocol), SSL encryption can be enabled by selecting the "SSL" check-box on the "Server" tab of the Data Source definition, and providing the certificate name(s) on the "SSL" tab within the CA IDMS ODBC Administrator.

If using a JDBC type 4 driver, SSL encryption can be enabled by using the SSL parameter on the JDBC connection URL. Setup is described in informational APAR QI83006 on CA Support Online.