IBM Support

OA65833: COMPLIANCE CONTROLS DO NOT USE EFFECTIVE PRE-SELECTION FOR THE ACF2_SENSRESOURCE_ACCESS NEWLIST

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Compliance controls do not use effective pre-selection for the
    ACF2_SENSRESOURCE_ACCESS newlist.
    
    This can result in higher CPU and storage usage.
    

Local fix

  • N/A
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Audit exploiting the ACF2   *
    *                 STIG compliance controls ACF2-TC-000030 and  *
    *                 ZISFA020.                                    *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure Audit might consume excessive   *
    *                      amount of consumed CPU time and storage *
    *                      while evaluating the ACF2 STIG          *
    *                      compliance controls ACF2-TC-000030 and  *
    *                      ZISFA020.                               *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided and review the        *
    *                 documentation updates.                       *
    ****************************************************************
    The evaluation of the ACF2 STIG compliance controls
    ACF2-TC-000030 (IBM z/OS TCP/IP resources must be properly
    protected) and ZISFA020 (IBM System Display and Search Facility
    (SDSF) resources must be properly defined and protected)
    performed by zSecure Audit might result in excessive amount of
    consumed CPU time and storage.
    

Problem conclusion

  • zSecure Audit has been modified, so that the CPU time and
    storage demands required for the evaluation of the ACF2 STIG
    compliance controls ACF2-TC-000030 and ZISFA020 are reduced.
    Please note the documentation update as provided by the APAR
    tracking comment data.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA65833

  • Reported component name

    AUDIT-R,A,T ACF

  • Reported component ID

    5655T0200

  • Reported release

    250

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2023-11-23

  • Closed date

    2023-12-13

  • Last modified date

    2023-12-15

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UJ94310 UJ94311

Modules/Macros

  • C2AHSF20 C2AHT030
    

Fix information

  • Fixed component name

    AUDIT-R,A,T ACF

  • Fixed component ID

    5655T0200

Applicable component levels

  • R250 PSY UJ94311

       UP23/12/15 I 1000

  • R310 PSY UJ94310

       UP23/12/15 I 1000

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRQGZ","label":"IBM Security zSecure Audit for ACF2"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
15 December 2023