STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The CA-TSS AUTOERASE Control Option must be set to ALL for all systems.

DISA Rule

SV-223955r561402_rule

Vulnerability Number

V-223955

Group Title

SRG-OS-000138-GPOS-00069

Rule Version

TSS0-ES-000820

Severity

CAT II

CCI(s)

CCI-001090 - The information system prevents unauthorized and unintended information transfer via shared system resources.

Weight

Fix Recommendation

Configure the AUTOERASE control option is set to (ALL) for all systems to erase all residual information on DASD. Evaluate the impact associated with implementation of the control option. Develop a plan of action to set the AUTOERASE control option to (ALL) for all systems and implement.

Check Contents

From the ISPF Command Shell enter:
TSS MODIFY STATUS

If the AUTOERASE Control Option value is set to (ALL), this is not a finding.

Vulnerability Number

V-223955

Documentable

False

Rule Version

TSS0-ES-000820

Severity Override Guidance

From the ISPF Command Shell enter:
TSS MODIFY STATUS

If the AUTOERASE Control Option value is set to (ALL), this is not a finding.

Check Content Reference

Target Key

4102

The CA-TSS AUTOERASE Control Option must be set to ALL for all systems.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments