Skip to content

IDMS must suppress security-related messages so that no information is returned that can be exploited.

An XCCDF Rule

Description

<VulnDiscussion>Error messages issued to non-privileged users may have contents that should be considered confidential. IDMS should be configured so that these messages are not issued to those users.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-251624r807739_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Reassemble, relink, and reload (V NC) RHDCOPTF with #DEFOPTF OPT00051 (for messages sent to user) and optional #DEFOPTF OPT00226 (for messages sent to IDMS log).