STIGQter STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

CA-TSS user accounts must uniquely identify system users.

DISA Rule

SV-223952r561402_rule

Vulnerability Number

V-223952

Group Title

SRG-OS-000109-GPOS-00056

Rule Version

TSS0-ES-000790

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Identify user accounts defined to the ESM that are being shared among multiple users. This may require interviews with appropriate system-level support personnel. Remove the shared user accounts from the ESM.

Check Contents

Obtain a list of all userids that are shared among multiple users (i.e., not uniquely identified system users).

If there are no shared userids on this domain, this is not a finding.

If there are shared userids on this domain, this is a finding.

NOTE: Userid

Vulnerability Number

V-223952

Documentable

False

Rule Version

TSS0-ES-000790

Severity Override Guidance

Obtain a list of all userids that are shared among multiple users (i.e., not uniquely identified system users).

If there are no shared userids on this domain, this is not a finding.

If there are shared userids on this domain, this is a finding.

NOTE: Userid

Check Content Reference

M

Target Key

4102

Comments