IBM Support

OA65833: COMPLIANCE CONTROLS DO NOT USE EFFECTIVE PRE-SELECTION FOR THE ACF2_SENSRESOURCE_ACCESS NEWLIST

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Compliance controls do not use effective pre-selection for the
ACF2_SENSRESOURCE_ACCESS newlist.

This can result in higher CPU and storage usage.

Local fix

  • N/A

Problem summary

  • ****************************************************************
* USERS AFFECTED: Users of zSecure Audit exploiting the ACF2   *
*                 STIG compliance controls ACF2-TC-000030 and  *
*                 ZISFA020.                                    *
****************************************************************
* PROBLEM DESCRIPTION: zSecure Audit might consume excessive   *
*                      amount of consumed CPU time and storage *
*                      while evaluating the ACF2 STIG          *
*                      compliance controls ACF2-TC-000030 and  *
*                      ZISFA020.                               *
****************************************************************
* RECOMMENDATION: Apply the PTF provided and review the        *
*                 documentation updates.                       *
****************************************************************
The evaluation of the ACF2 STIG compliance controls
ACF2-TC-000030 (IBM z/OS TCP/IP resources must be properly
protected) and ZISFA020 (IBM System Display and Search Facility
(SDSF) resources must be properly defined and protected)
performed by zSecure Audit might result in excessive amount of
consumed CPU time and storage.

Problem conclusion

  • zSecure Audit has been modified, so that the CPU time and
storage demands required for the evaluation of the ACF2 STIG
compliance controls ACF2-TC-000030 and ZISFA020 are reduced.
Please note the documentation update as provided by the APAR
tracking comment data.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    OA65833
    • 

  • Reported component name
    AUDIT-R,A,T ACF
    • 

  • Reported component ID
    5655T0200
    • 

  • Reported release
    250
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2023-11-23
    • 

  • Closed date
    2023-12-13
    • 

  • Last modified date
    2023-12-15
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UJ94310 UJ94311
    

    • 



Modules/Macros


    

  • C2AHSF20 C2AHT030

    



Fix information


    

  • Fixed component name
    AUDIT-R,A,T ACF
    • 

  • Fixed component ID
    5655T0200
    • 



Applicable component levels


    

  • R250  PSY  UJ94311
       UP23/12/15  I  1000
    • 

  • R310  PSY  UJ94310
       UP23/12/15  I  1000
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRQGZ","label":"IBM Security zSecure Audit for ACF2"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB24","label":"Security Software"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            15 December 2023
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback