IBM Support

OA51726: STIG RULE SET ACP00282 GIVES INCORRECT NON-COMPLIANT RESULT

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • STIG rule set ACP00282 (CKAGC282) reports non-compliance for
    test 7.access_other incorrectly.
    

Local fix

  • n/a
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Audit exploiting STIG       *
    *                 compliance rule ACP00082.                    *
    ****************************************************************
    * PROBLEM DESCRIPTION: The zSecure Audit STIG compliance rule  *
    *                      ACP00082 does not use customization     *
    *                      members for the ALTER on OPERCMDS       *
    *                      profiles check.                         *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    The zSecure Audit STIG commpliance rule ACP00082 (MVS system
    commands) does not not use customization members to exclude
    users which results in false non-compliants.
    

Problem conclusion

  • zSecure Audit has been modified so that STIG rule ACP00082
    evaluation uses customization members to exclude users when
    checking ALTER on OPERCMDS profiles.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA51726

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    211

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-12-05

  • Closed date

    2017-02-06

  • Last modified date

    2017-03-01

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UA83969 UA83970

Modules/Macros

  •    CKAGC282
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R220 PSY UA83969

       UP17/02/17 P F702

  • R221 PSY UA83970

       UP17/02/17 P F702

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"}, "Product":{"code":"SSCE68R","label":"zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"211","Edition":""}]

Document Information

Modified date:
01 March 2017