STIGQter: STIG Summary: IBM MQ Appliance V9.0 AS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance messaging server must identify potentially security-relevant error conditions.

DISA Rule

SV-89553r1_rule

Vulnerability Number

V-74879

Group Title

SRG-APP-000266-AS-000168

Rule Version

MQMH-AS-000450

Severity

CAT II

CCI(s)

• CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.
• CCI-001312 - The information system generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.

Weight

10

Fix Recommendation

For each queue manager on the MQ Appliance, enable authority (AUTHOREV) event logging.

From the MQ Appliance CLI, enter the following:

runmqsc [queue mgr name]
ALTER QMGR AUTHOREV(ENABLED)
end

Check Contents

Establish an SSH command line session as an admin user.

To access the MQ Appliance CLI, enter:
mqcli

To identify the queue managers, enter:
dspmq

Run the "runmqsc [queue mgr name]" command for each running queue manager.

Once at the runmqsc prompt, enter:

DIS QMGR AUTHOREV
AUTHOREV(ENABLED) - should be the result.

If "AUTHOREV" logging is not "ENABLED", this is a finding.

Vulnerability Number

V-74879

Documentable

False

Rule Version

MQMH-AS-000450

Severity Override Guidance

Establish an SSH command line session as an admin user.

To access the MQ Appliance CLI, enter:
mqcli

To identify the queue managers, enter:
dspmq

Run the "runmqsc [queue mgr name]" command for each running queue manager.

Once at the runmqsc prompt, enter:

DIS QMGR AUTHOREV
AUTHOREV(ENABLED) - should be the result.

If "AUTHOREV" logging is not "ENABLED", this is a finding.

Check Content Reference

M

Target Key

3239

Comments