IDMS must protect against the use of default userids.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| low | V-251594 | SRG-APP-000080-DB-000063 | IDMS-DB-000140 | SV-251594r960864_rule | 2024-09-13 | 2 |
| Description |
|---|
| Default sign-ons can be used by individuals to perform adverse actions anonymously. |
| ℹ️ Check |
|---|
| Examine load module "RHDCSRTT" by executing CA IDMS utility "IDMSSRTD", or by issuing command "DCMT DISPLAY SRTT" while signed onto the CV, and reviewing the output. Note: This requires PTFs SO07995 and SO09476. If the TYPE=INITIAL #SECRTT has DFLTSGN=YES specified, this is a finding. If DFLTUID is defined, this is a finding. |
| ✔️ Fix |
|---|
| Set DFLTSGN=NO and remove the DFLTUID from the #SECRTT INITIAL macro that is input to the RHDCSRTT module, then reassemble and relink RHDCSRTT. After making the above changes, assemble and link RHDCSRTT to create a new SRTT. To implement the new SRTT, either recycle any CVs that use the SRTT or issue these commands: DCMT VARY NUCLEUS MODULE RHDCSRTT NEW COPY DCMT VARY NUCLEUS RELOAD |