STIGQter STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The number of CA-TSS ACIDs possessing the tape Bypass Label Processing (BLP) privilege must be limited.

DISA Rule

SV-223875r561402_rule

Vulnerability Number

V-223875

Group Title

SRG-OS-000080-GPOS-00048

Rule Version

TSS0-ES-000020

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Review all ACIDs with the BLP attribute. Evaluate the impact of removing BLP access from unauthorized personnel. Develop a plan of action and remove BLP access from unauthorized ACIDs.

Check Contents

From the ISPF Command Shell enter:
TSS LIST(ACIDS) DATA(BASIC)

If only authorized personnel have BLP access and documentation for access is on file with the ISSO, this is not a finding.

Vulnerability Number

V-223875

Documentable

False

Rule Version

TSS0-ES-000020

Severity Override Guidance

From the ISPF Command Shell enter:
TSS LIST(ACIDS) DATA(BASIC)

If only authorized personnel have BLP access and documentation for access is on file with the ISSO, this is not a finding.

Check Content Reference

M

Target Key

4102

Comments