A fix is available
APAR status
Closed as program error.
Error description
Incorrect non-compliant findings for ruleset ZCIC0040. Test 1.Unique_CICSUSER reports non-compliant findings when the same CICS region name, using the same userid, is used on multiple systems in the same complex. Test 2.Started_class reports non-compliant findings due to an incorrect check.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Audit exploiting the RACF * * STIG compliance rule set ZCIC0040 (CICS * * region user IDs). * **************************************************************** * PROBLEM DESCRIPTION: zSecure Audit RACF STIG compliance rule * * set ZCIC0040 (CICS region user IDs must * * be defined and controlled in accordance * * with security requirements) might * * report incorrect non-compliant results. * **************************************************************** * RECOMMENDATION: Apply the PTF provided. * **************************************************************** When multiple systems are specified in the input set for zSecure Audit, the RACF STIG compliance rule set ZCIC0040 incorrectly reports non-compliant results for test 1.Unique_CICSUSER (CICS region user IDs must not be used by other started tasks) when the same CICS region name, using the same user ID, is used on multiple systems in the same complex. The test 2.Started_class (CICS region must be defined to the STARTED class) also reports incorrect non-compliant results (even when only one system is specified in the input set).
Problem conclusion
zSecure Audit has been modified so that the RACF STIG compliance rule set ZCIC0040 delivers correct results.
Temporary fix
Comments
APAR Information
APAR number
OA63696
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
250
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-08-26
Closed date
2022-08-30
Last modified date
2022-09-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UJ09115
Modules/Macros
CKAGCI40
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R250 PSY UJ09115
UP22/09/01 P F208
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
01 September 2022