CA IDMS must limit use of IDMS server used in issuing dynamic statements from client applications circumstances determined by the organization.
An XCCDF Rule
Description
<VulnDiscussion>Server tasks can execute dynamic SQL code and should be protected.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-251622r807733_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Create or modify as needed entries in the SRTT, then reassemble and relink module RHDCSRTT for the security domain. The external class and external name construction rules must be specified. The following is an example of how IDMSJSRV and CASERVER may be secured externally.
#SECRTT TYPE=ENTRY,RESTYPE=TASK,SECBY=OFF,EXTNAME=(RESTYPE,RESNAME),
EXTCLS='CA@IDMS'
#SECRTT TYPE=OCCUR,RESTYPE=TASK,RESNAME='IDMSJSRV', SECBY=EXT
#SECRTT TYPE=OCCUR,RESTYPE=TASK,RESNAME='CASERVER', SECBY=EXT