STIGQter: STIG Summary: IBM MQ Appliance V9.0 AS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance messaging server must remove all export ciphers to protect the confidentiality and integrity of transmitted information.

DISA Rule

SV-89535r1_rule

Vulnerability Number

V-74861

Group Title

SRG-APP-000439-AS-000274

Rule Version

MQMH-AS-001240

Severity

CAT II

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.

Weight

10

Fix Recommendation

To access the MQ Appliance CLI, for each queue manager, enter:

mqcli
runmqsc [queue manager name]
ALTER QMGR SSLFIPS(YES)
end

Check Contents

To access the MQ Appliance CLI, enter:
mqcli

To identify the queue managers, enter:
dspmq

For each queue manager identified, run the command:
runmqsc [queue name]

DIS QMGR SSLFIPS

If the value of "SSLFIPS" is set to "NO", this is a finding.

Vulnerability Number

V-74861

Documentable

False

Rule Version

MQMH-AS-001240

Severity Override Guidance

To access the MQ Appliance CLI, enter:
mqcli

To identify the queue managers, enter:
dspmq

For each queue manager identified, run the command:
runmqsc [queue name]

DIS QMGR SSLFIPS

If the value of "SSLFIPS" is set to "NO", this is a finding.

Check Content Reference

M

Target Key

3239

Comments