For interactive sessions, IDMS must limit the number of concurrent sessions for the same user to one or allow unlimited sessions.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-251582 | SRG-APP-000001-DB-000031 | IDMS-DB-000010 | SV-251582r960735_rule | 2024-09-13 | 2 |
| Description |
|---|
| Multiple interactive sessions can provide a way to cause a DoS attack against IDMS if a user ID and password were compromised. Not allowing multiple sign-ons can mitigate the risk of malicious attacks using multiple sessions for a user. |
| ℹ️ Check |
|---|
| Use task SYSGEN if online, or program RHDCSGEN if batch. Sign on to the dictionary where the System definition is maintained: "SIGNON DICTIONARY SYSTEM.", for example. Enter: "DISPLAY SYSTEM 123." where 123 is the number of the system being checked. Scroll through the returned text until "MULTIPLE SIGNON" is found. If the associated value is "YES", this is a finding. |
| ✔️ Fix |
|---|
| Use TASK SYSGEN if online, or program RHDCSGEN if batch. Sign on to the dictionary where the system definition is maintained: "SIGNON DICTIONARY SYSTEM.", for example. Enter: "MODIFY SYSTEM 123 MULTIPLE SIGNON IS NO." where 123 is the number of the system being modified. Enter: "VALIDATE." Enter: "GENERATE." The change will become effective the next time the CV is stopped and started. |