IBM Support

OA56392: VERIFY PASSWORD DOES NOT DETECT ANY HASHED PASSWORDS IN A NON-KDFAES ENVIRONMENT IF ICHDEX01 RETURNS RC=4 OR 16

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Verify Password does not detect any HASHED passwords in a
non-KDFAES environment if ICHDEX01 returns RC=4 or 16.

Local fix

  • N/A

Problem summary

  • ****************************************************************
* USERS AFFECTED: Users of zSecure Admin/Audit exploiting the  *
*                 interactive option AU.V - Verify Password    *
*                 and the 'VERIFY PASSWORD' CARLa statement.   *
****************************************************************
* PROBLEM DESCRIPTION: zSecure Admin/Audit does not detect     *
*                      hashed passwords in a non-KDFAES        *
*                      environment in cases where the ICHDEX01 *
*                      RACF exit (password authentication)     *
*                      returns RC=4 or 16.                     *
****************************************************************
* RECOMMENDATION: Apply the PTF provided.                      *
****************************************************************
When an ICHDEX01 RACF exit (password authentication) is
installed, the zSecure Admin/Audit does not detect hashed
passwords in a non-KDFAES environment in cases where the
ICHDEX01 exit routine returns RC=4 or 16.

Problem conclusion

  • zSecure Admin/Audit has been modified so the password
verification audit function reports that the the system uses
password hashing in a non-KDFAES environment with an ICHDEX01
RACF exit in cases where the exit returns RC=4 or 16.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    OA56392
    • 

  • Reported component name
    ZSEC BASE,ADMIN
    • 

  • Reported component ID
    5655T0100
    • 

  • Reported release
    220
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2018-10-24
    • 

  • Closed date
    2018-12-19
    • 

  • Last modified date
    2019-01-02
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UA98238 UA98239 UA98240 UA98241
    

    • 



Modules/Macros


    

  • CKAVPWD  GKRVPWD

    



Fix information


    

  • Fixed component name
    ZSEC BASE,ADMIN
    • 

  • Fixed component ID
    5655T0100
    • 



Applicable component levels


    

  • R220  PSY  UA98238
       UP18/12/21  P  F812
    • 

  • R221  PSY  UA98239
       UP18/12/21  P  F812
    • 

  • R230  PSY  UA98240
       UP18/12/21  P  F812
    • 

  • R231  PSY  UA98241
       UP18/12/21  P  F812
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"220","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            16 August 2024
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback