DFHH0003E A TDQ defined to the internal reader is accessible to unauthenticated users.
Explanation
At least one TD QUEUE defined to the internal reader and the IBM supplied transaction CECI are accessible to the default user or CICS security is turned off. This means anyone who can connect to the IP address and port number of one of the CICS regions shown can submit jobs to run on the z/OS system remotely without authentication.To review the details of the Health Check output use the TSO SDSF CK command. For more information, see Health Check panel (CK).
The regions shown have a RC/RSN with more specific information about why the region failed the check:
- 0805 A TDQ accesses INTRDR, CECI is installed and the DLFTUSER can run it
- 0806 The SVC99 does not support inquire of SYSOUT
- 0807 The checking module can't be linked to
- 0808 A TDQ accesses INTRDR, CECI is installed and SEC=NO
System action
The system continues processing.Operator response
Report this error to the System Programmer.System programmer response
Correct the security exposure which has been identified.Refer to the topic Checking CICS configuration with
IBM Health Checker for z/OS
in the CICS Knowledge Center for advice on best
practice.