BMC CONTROL-M configuration/parameter values must be specified properly.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-224577 | SRG-OS-000018 | ZCTMT040 | SV-224577r1145941_rule | 2025-09-28 | 7 |
| Description |
|---|
| BMC CONTROL-M configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data. |
| ℹ️ Check |
|---|
| Refer to the following applicable report produced by the z/OS Data Collection: - IOA.RPT(SECPARM). Automated Analysis Refer to the following report produced by the z/OS Data Collection: - PDI(ZCTM0040). If the following keywords specify the values in the BMC CONTROL-M security parameter member, this is not a finding. Keyword Value DEFMCHKM $$CTMEDM SECTOLM NO DFMM01 EXTEND DFMM02 EXTEND DFMM08 EXTEND TSSJCARD U MSUBCHK NO |
| ✔️ Fix |
|---|
| The BMC CONTROL-M systems programmer will verify that any configuration/parameters that are required to control the security of the product are properly configured and syntactically correct. Set the standard values for the BMC CONTROL-M security parameters for the specific ACP environment along with additional IOA security parameters with standard values as documented below. Keyword Value DEFMCHKM $$CTMEDM SECTOLM NO DFMM01 EXTEND DFMM02 EXTEND DFMM08 EXTEND TSSJCARD U MSUBCHK NO |