october 2018 maintenance release - dl.dod.cyber.mil · microsoft iis 7.0 site stig, version 1,...


OCTOBER 2018 MAINTENANCE RELEASE: STIGS TO BE RELEASED

Release Date: October 26, 2018

Active Directory Domain STIG, Version 2, Release 11

V-36438: Clarified to note query results require review to validate.

Adobe Acrobat Reader DC Classic Track STIG Benchmark, Version 1, Release 5

Benchmark Update: Updated CPE identifier in CPE-Dictionary.

Adobe Acrobat Reader DC Continuous Track STIG Benchmark, Version 1, Release 4

Benchmark Update: Updated CPE identifier in CPE-Dictionary.

AIX 6.1 STIG, Version 1, Release 14

V-12010: Removed the "telnet" wording from the requirement.

Apple iOS 11 STIG, Version 1, Release 4

V-81067: Added new requirement to sunset STIG.

Documentation Update: Updated Revision History document.

Application Security and Development STIG, Version 4, Release 8

V-70157: Modified the application, must not display passwords/PINs as clear text.

V-70317: Removed the duplicate entry in the Manual STIG benchmark.

V-70395: Changed CCI-003372 to CCI-003376.

Application Server SRG, Version 2, Release 4

V-57527: Added context to log reduction and on-demand reporting in Vulnerability Discussion.

EDB Postgres Advanced Server STIG, Version 1, Release 5

V-68969: Changed wording to allow for alternative ways of detecting vulnerable code.

V-68971: Changed wording to allow for alternative ways of detecting vulnerable code.

V-68973: Changed wording to allow for alternative ways of detecting vulnerable code.

V-69023: Changed wording to allow for alternative ways of detecting vulnerable code.

Enclave Test & Development STIG, Version 1, Release 5

V-3918: Removed ENTD100 (V-3918) no longer included with published STIG.

V-3919: Removed ENTD110 (V-3919) no longer included with published STIG.

V-14306: Removed ENTD120 (V-14306) no longer included with published STIG.

V-14307: Removed ENTD130 (V-14307) no longer included with published STIG.

V-14308: Removed ENTD140 (V-14308) no longer included with published STIG.

V-14309: Removed ENTD150 (V-14309) no longer included with published STIG.

V-14310: Removed ENTD160 (V-14310) no longer included with published STIG.

V-14311: Removed ENTD170 (V-14311) no longer included with published STIG.

V-14312: Removed ENTD180 (V-14312) no longer included with published STIG.

V-14371: Removed ENTD190 (V-14371) no longer included with published STIG.

V-14372: Removed ENTD200 (V-14372) no longer included with published STIG.

V-14373: Removed ENTD210 (V-14373) no longer included with published STIG.

V-14380: Removed ENTD230 (V-14380) no longer included with published STIG.

V-14381: Removed ENTD240 (V-14381) no longer included with published STIG.

V-14434: Removed ENTD250 (V-14434) no longer included with published STIG.

V-14457: Removed ENTD260 (V-14457) no longer included with published STIG.

V-14458: Removed ENTD270 (V-14458) no longer included with published STIG.

V-14459: Removed ENTD280 (V-14459) no longer included with published STIG.

V-14460: Removed ENTD290 (V-14460) no longer included with published STIG.

V-14461: Removed ENTD300 (V-14461) no longer included with published STIG.

V-14464: Removed ENTD310 (V-14464) no longer included with published STIG.

V-14465: Removed ENTD320 (V-14465) no longer included with published STIG.

V-14466: Removed ENTD330 (V-14466) no longer included with published STIG.

V-14467: Removed ENTD340 (V-14467) no longer included with published STIG.

V-14468: Removed ENTD350 (V-14468) no longer included with published STIG.

V-14472: Removed ENTD220 (V-14472) no longer included with published STIG.

Firewall SRG, Version 1, Release 2

V-79471: Changed "ingress" to "egress" to match topic of the requirement.

Google Chrome Browser STIG, Version 1, Release 13

V-44791: Corrected policy path.

V-44799: Corrected registry path.

V-79929: Corrected registry path and value.

V-81581: Added to disable AutoPlay.

V-81583: Added to enable TLS 1.1 as minimum version.

V-81585: Added to disable Safe Browsing Extended Reporting.

V-81587: Added to disable WebUSB.

V-81589: Added to disable Chrome Cleanup.

V-81591: Added to disable Chrome Cleanup Reporting.

V-81593: Added to disable Developer Tools Availability.

V-81595: Added to disable Media Router.

V-81597: Added to disable AutoPlay Whitelist.

Google Chrome for Windows STIG Benchmark, Version 1, Release 9

V-81581: Added OVAL for "AutoplayAllowed" setting.

V-81583: Added OVAL for "SSLVersionMin" setting.

V-81585: Added OVAL for "SafeBrowsingExtendedReportingEnabled" setting.

V-81587: Added OVAL for "DefaultWebUsbGuardSetting" setting.

V-81591: Added OVAL for "ChromeCleanupEnabled" setting.

V-81593: Added OVAL for "ChromeCleanupReportingEnabled" setting.

V-81595: Added OVAL for "DeveloperToolsAvailability" setting.

V-81597: Added OVAL for "EnableMediaRouter" setting.

HP-UX 11.31 STIG Benchmark, Version 1, Release 17

Benchmark Update: Repackaged Benchmark with updated Rule IDs.

HPUX 11.31 STIG, Version 1, Release 18

V-766: Updated the SMSE command in the Check content.

V-22303: Removed the note from the Fix text.

V-81451: Added a new Requirement to require the installation and use of antivirus leaving other configurations to the AV product STIGs.

IBM DB2 V10.5 LUW STIG, Version 1, Release 3

V-74433: Applied revised wording supplied by vendor.

V-74441: Added "sysuserauth" and "sysdbauth" to list of catalogs to be audited.

V-74443: Added "sysuserauth" and "sysdbauth" to list of catalogs to be audited.

V-74485: Allowed DB2COMM to be set to both SSL and TCPIP simultaneously.

V-74487: Applied revised wording supplied by vendor.

V-74597: Allowed DB2COMM to be set to both SSL and TCPIP simultaneously.

V-74605: Allowed DB2COMM to be set to both SSL and TCPIP simultaneously.

V-74607: Allowed DB2COMM to be set to both SSL and TCPIP simultaneously.

IBM MaaS360 V2.3.x MDM STIG, Version 1, Release 2

V-80971: Added new requirement to sunset STIG.

Infoblox 7.x DNS STIG, Version 1, Release 6

V-68533: Modified Check content to clarify applicability to same Infoblox grid as child zone being reviewed.

V-68539: Modified Check content to clarify grid member applicability.

V-68557: Modified Check content to clarify grid member applicability.

V-68559: Modified Check content to clarify grid member applicability.

V-68571: Modified Check content to clarify grid member applicability.

V-68573: Modified Check content to clarify grid member applicability.

V-68575: Modified Check content to clarify grid member applicability.

V-68577: Modified Check content to clarify grid member applicability.

V-68579: Modified Check content to clarify grid member applicability.

V-68581: Modified Check content to clarify grid member applicability.

V-68583: Modified Check content to clarify grid member applicability.

V-68701: Modified Check content to clarify grid member applicability.

Intrusion Detection and Prevention System Technology SRG, Version 2, Release 4

Documentation Update: Updated Section 2.2 to add guidance for IDS (monitoring) versus IPS (blocking) requirements. Updated Section 3.2 to clarify IDS versus IPS functions in the IDPS solution/implementation.

Microsoft .Net Framework 4 STIG Benchmark, Version 1, Release 5

V-81495: Developed new OVAL for .Net Framework 4.0.30319 for setting the SchUseStrongCrypto registry key to the dword value of 1.

Microsoft .Net Framework 4 STIG, Version 1, Release 6

V-30937: Added exclusion for the caspol.exe assembly.

V-81495: Added new requirement to disable RC4 in .NET TLS.

Microsoft Exchange 2010 Edge STIG, Version 1, Release 13

V-33557: Updated Check content to include SIPR/EEMSG options.

V-33643: Updated Check content to include SIPR/EEMSG options.

V-33644: Updated Check content to include SIPR/EEMSG options.

Microsoft Exchange 2013 Edge STIG, Version 1, Release 3

V-69861: Updated Check content to include SIPR/EEMSG options.

V-69863: Updated Check content to include SIPR/EEMSG options.

V-69899: Updated Check content to include SIPR/EEMSG options.

Microsoft IIS 7.0 Site STIG, Version 1, Release 17

V-26026: Removed duplicate export from benchmark, repackaged.

Microsoft IIS 8.5 Server STIG, Version 1, Release 5

V-76735: Corrected typo in check text.

Microsoft IIS 8.5 Site STIG, Version 1, Release 5

V-76787: Added statement in Check content to not be a finding if site is not behind a proxy server.

V-76811: Clarified Check content.

V-76827: Corrected error in Check content finding statement.

V-76883: Removed requirement.

Microsoft Office System 2013 STIG Benchmark, Version 1, Release 6

V-22630: Removed OVAL due to manual procedure being added to the STIG Check content.

Microsoft Office System 2013 STIG, Version 1, Release 7

V-26630: Modified Check content to allow modern authentication through ADfS to Office 365 with CAC/Token authentication but only for the specific DoD instance of Office 365

Microsoft Office System 2016 STIG Benchmark, Version 1, Release 3

Benchmark Update: Updated OVAL CPE to address issue where the benchmark fails to recognize the existence of a component of Office 2016 on the system.

Microsoft Outlook 2013 STIG Benchmark, Version 1, Release 7

V-17761: Updated OVAL to allow plain-text line lengths between 30 and 132, inclusive.

Microsoft Outlook 2013 STIG, Version 1, Release 13

V-17761: Changed line length to state "between" valid variables.

Microsoft SQL Server 2014 Instance STIG, Version 1, Release 9

V-67795: Aligned guidance with 2016 STIG.

V-67797: Requirement removed. Covered by modified V-67795.

V-67799: Requirement removed. Covered by modified V-67795.

Microsoft SQL Server 2016 Database STIG, Version 1, Release 3

Documentation Update: Removed erroneous .sql supplemental file.

Microsoft SQL Server 2016 Instance STIG, Version 1, Release 3

V-79139: Updated supplemental file in Fix text.

V-79169: Clarified that requiring SQL to be installed on a different drive is optional, not mandatory.

V-79181: Updated the query in the Check Text to make use of the stored procedure sp_helpextendedproc.

V-79191: Corrected Check query. Provided exception for Database Master Key.

V-79259: Updated supplemental file in Fix text.

V-79261: Updated supplemental file in Fix text.

V-79263: Updated supplemental file in Fix text.

V-79265: Updated supplemental file in Fix text.

V-79269: Updated supplemental file in Fix text.

V-79275: Updated supplemental file in Fix text.

V-79277: Updated supplemental file in Fix text.

V-79279: Updated supplemental file in Fix text.

V-79281: Updated supplemental file in Fix text.

V-79339: Requirement removed. Covered by modified V-67795.

Documentation Update: Removed erroneous .sql supplemental file.

Microsoft Windows 2008 R2 DC STIG Benchmark, Version 1, Release 30

Benchmark Update: Repackaged Benchmark with updated Rule IDs.

Microsoft Windows 2008 R2 DC STIG, Version 1, Release 28

V-78057: Corrected group policy path.

V-78059: Corrected group policy path.

V-78061: Corrected group policy path.

V-78063: Corrected group policy path.

Microsoft Windows 2008 R2 MS STIG Benchmark, Version 1, Release 31

Benchmark Update: Repackaged Benchmark with updated Rule IDs.

Microsoft Windows 2008 R2 MS STIG, Version 1, Release 28

V-1127: Removed exception note referencing AD admin platforms.

V-1155: Removed exception note referencing AD admin platforms.

V-26470: Removed exception note referencing AD admin platforms. Updated Rule Title to specific requirement. Moved Severity Override statement to Check

V-26485: Removed exception note referencing AD admin platforms.

V-26486: Removed exception note referencing AD admin platforms.

V-78057: Corrected group policy path.

V-78059: Corrected group policy path.

V-78061: Corrected group policy path.

V-78063: Corrected group policy path.

Microsoft Windows Server 2016 STIG Benchmark, Version 1, Release 7

V-73405: Updated the OVAL by removing the /00 from the check the variables are using to determine the Application.evtx file path.

V-73407: Updated the OVAL by removing the /00 from the check the variables are using to determine the Security.evtx file path.

V-73409: Updated the OVAL by removing the /00 from the check the variables are using to determine the System.evtx file path.

V-73507: Separated from OVAL definition (def:85) used by Windows 10 counterpart (WN10-CC-000040/V-63569/SV-78059).

Microsoft Windows Server 2016 STIG, Version 1, Release 6

V-73221: Removed exception note referencing AD admin platforms.

V-73269: Removed requirement, addressed by product STIG.

V-73443: Corrected group policy path.

V-73445: Corrected group policy path.

V-73477: Corrected group policy path.

V-73479: Corrected group policy path.

V-73515: Updated to note as NA for domain controllers. Updated link to Microsoft documentation.

V-73645: Updated to clarify "0" is not allowed.

V-73733: Removed exception note referencing AD admin platforms.

V-73759: Removed exception note referencing AD admin platforms.

V-73771: Removed exception note referencing AD admin platforms.

V-73775: Removed exception note referencing AD admin platforms.

Mobile Policy STIG, Version 2, Release 4

V-19813: Updated check to allow physically disabling wireless NICs in classified computers.

Documentation Update: Updated Revision History document.

Mozilla FireFox STIG, Version 4, Release 23

V-6318: Updated note text.

V-19741: Updated to allow internal or Mozilla update server.

Multifunction Device and Network Printers STIG, Version 2, Release 12

Documentation Update: Updated Section 1.1 to specify that directly connected printing devices, such as USB printers are out of scope.

Network Infrastructure Policy STIG, Version 9, Release 7

V-8051: Added POC for USCYBERCOM and the Connection Approval Office to the Check content.

Network Infrastructure Router L3 Switch STIG - Cisco, Version 8, Release 28

V-3175: Included default aaa in config examples.

V-4582: Included default aaa in config examples.

V-5626: Removed downgrade in severity override.

Network Infrastructure Router L3 Switch STIG, Version 8, Release 28

V-5626: Removed downgrade in severity override.

Network Layer 2 Switch STIG - Cisco, Version 8, Release 26

V-3175: Included default aaa in config examples.

V-4582: Included default aaa in config examples.

V-5626: Removed downgrade in severity override.

V-5646: Removed NET0965 from benchmark, but still active because affects Router Requirements.

Network Layer 2 Switch STIG, Version 8, Release 26

V-5626: Removed downgrade in severity override.

V-5646: Removed NET0965 from benchmark, but still active because affects Router Requirements.

Network Perimeter Router L3 Switch STIG - Cisco, Version 8, Release 31

V-3175: Included default aaa in config examples.

V-4582: Included default aaa in config examples.

V-5626: Removed downgrade in severity override.

V-14670: Corrected ICMP type code and Removed statement about alternative since no IPv6 unreachables will not impact PMTUD.

V-14688: Updated Check content to provide clarification on ingress/egress filtering.

V-14699: Corrected the configuration example in the Check content and Fix text.

Network Perimeter Router L3 Switch STIG - Juniper, Version 8, Release 31

V-14670: Corrected ICMP type code and Removed statement about alternative since no IPv6 unreachables will not impact PMTUD.

V-14688: Updated Check content to provide clarification on ingress/egress filtering.

V-14699: Corrected the configuration example in the Check content and Fix text.

Network Perimeter Router L3 Switch STIG, Version 8, Release 31

V-5626: Removed downgrade in severity override.

V-14670: Corrected ICMP type code and Removed statement about alternative since no IPv6 unreachables will not impact PMTUD.

V-14688: Updated Check content to provide clarification on ingress/egress filtering.

V-14699: Corrected the configuration example in the Check content and Fix text.

Oracle Database 12c STIG, Version 1, Release 11

V-61633: Added information on how to check in a Unified Audit environment.

V-61773: Redundant requirement deleted. Covered by V-61771.

Oracle HTTP Server 12.1.3 STIG, Version 1, Release 4

V-64299: Updated the Check content and the Fix text by adding a "{" to $COMPONENT_NAME}.

Oracle Linux 5 STIG, Version 1, Release 13

V-81455: Added a new Requirement to require the installation and use of antivirus leaving other configurations to the AV product STIGs.

Oracle Linux 6 STIG, Version 1, Release 13

V-50737: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50855: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50877: Updated the Check content and Fix text to use authpriv.notice as the CTRL-ALT-DEL facility.

V-50911: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50913: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50915: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50917: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50919: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50923: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-50995: Updated the Check content and Fix text to include /etc/pam.d/password-auth.

V-81453: Added a new Requirement to require the installation and use of antivirus leaving other configurations to the AV product STIGs.

V-81457: Added a new requirement that /dev/shm is mounted with the "nodev" option.

V-81459: Added a new requirement that /dev/shm is mounted with the "nosuid" option.

V-81461: Added a new requirement that /dev/shm is mounted with the "noexec" option.

Oracle WebLogic Server 12c STIG, Version 1, Release 5

Documentation Update: Updated Overview to include specific reference to the exact version of WebLogic in the scope section. Version used to create the STIG is 12.1.3.0.0

PostgreSQL 9.x STIG, Version 1, Release 4

V-72843: Restored Check content wording, which had been corrupted.

Red Hat 6 STIG Benchmark, Version 1, Release 21

V-38501: Updated OVAL to accept use of "authsucc" option for pam_faillock.so.

V-38522: Updated OVAL to accept the "settimeofday" syscall in a comma-separated list in audit.rules file.

V-38525: Updated OVAL to accept the "stime" syscall in a comma-separated list in audit.rules file.

V-38527: Updated OVAL to accept the "clock_settime" syscall in a comma-separated list in audit.rules file.

V-38543: Updated OVAL to accept the "chmod" syscall in a comma-separated list in audit.rules file.

V-38545: Updated OVAL to accept the "chown" syscall in a comma-separated list in audit.rules file.

V-38547: Updated OVAL to accept the "fchmod" syscall in a comma-separated list in audit.rules file.

V-38550: Updated OVAL to accept the "fchmodat" syscall in a comma-separated list in audit.rules file.

V-38552: Updated OVAL to accept the "fchown" syscall in a comma-separated list in audit.rules file.

V-38554: Updated OVAL to accept the "fchownat" syscall in a comma-separated list in audit.rules file.

V-38556: Updated OVAL to accept the "fremovexattr" syscall in a comma-separated list in audit.rules file.

V-38557: Updated OVAL to accept the "lremovexattr" syscall in a comma-separated list in audit.rules file.

V-38558: Updated OVAL to accept the "removexattr" syscall in a comma-separated list in audit.rules file.

V-38559: Updated OVAL to accept the "lremovexattr" syscall in a comma-separated list in audit.rules file.

V-38561: Updated OVAL to accept the "lsetxattr" syscall in a comma-separated list in audit.rules file.

V-38563: Updated OVAL to accept the "removexattr" syscall in a comma-separated list in audit.rules file.

V-38565: Updated OVAL to accept the "setxattr" syscall in a comma-separated list in audit.rules file.

V-38568: Updated OVAL to accept the "mount" syscall in a comma-separated list in audit.rules file.

V-38573: Updated OVAL to accept use of "authsucc" option for pam_faillock.so.

V-38575: Updated OVAL to accept the "rmdir", "unlink", "unlinkat", "rename", and "renameat" syscalls in a comma-separated list in audit.rules file.

V-38580: Updated OVAL to accept the "init_module" and "delete_module" syscalls in a comma-separated list in audit.rules file.

V-38592: Updated OVAL to accept use of "authsucc" option for pam_faillock.so.

V-81441: Enabled OVAL for auditing "adjtimex" syscall and accept the syscall in a comma-separated list in the audit.rules file.

V-81445: Developed new OVAL to check that the nodev option is configured for /dev/shm in the /etc/fstab.

V-81447: Developed new OVAL to check that the nosuid option is configured for /dev/shm in the /etc/fstab.

V-81449: Developed new OVAL to check that the noexec option is configured for /dev/shm in the /etc/fstab.

RedHat 6 STIG, Version 1, Release 20

V-81441: Updated the Requirement text to simply require the installation and use of antivirus leaving other configurations to the AV product STIGs.

V-81443: Added a new requirement that /dev/shm is mounted with the "nodev" option.

V-81445: Added a new requirement that all attempts to alter system time are audited using "adjtimex".

V-81447: Added a new requirement that /dev/shm is mounted with the "nosuid" option.

V-81449: Added a new requirement that /dev/shm is mounted with the "noexec" option.

REL In-Country LAN STIG, Version 2, Release 2

V-75179: Updated REL-LAN-0050 (V-75179) to clarify interview by ISSM.

V-75183: Updated REL-LAN-0070 (V-75183) to clarify IP Address Space.

V-75185: Updated REL-LAN-0090 (V-75185) for traffic outside Enclave.

V-75187: Updated REL-LAN-0100 (V-75187) to clarify web content exception.

V-75193: Updated REL-LAN-0140 (V-75193) to clarify local releasable content.

Samsung Android 7 with Knox 2.x STIG, Version 1, Release 3

V-76611: Removed requirement. Iris scan feature has passed Common Criteria evaluation.

Documentation Update: Updated Revision History document. Updated the Supplemental document Section 7.2, Biometric Authentication, to allow the use of Iris Scan authentication. Updated Configuration Tables document. Changes Iris control from required to optional and changed recommended setting to "select".

SLES V11 for System z STIG, Version 1, Release 12

V-12010: Removed the "telnet" wording from the requirement.

Solaris 11 SPARC STIG Benchmark, Version 1, Release 10

Benchmark Update: Repackaged Benchmark with updated Rule IDs.

Solaris 11 SPARC STIG, Version 1, Release 16

V-48113: Updated the grep command in the Check content to provide the correct information.

V-48243: Corrected the spelling of "algorithms" in the Fix text.

Solaris 11 x86 STIG Benchmark, Version 1, Release 10

V-48001: Updated OVAL to accept ZFS boot pools other than "rpool".

Solaris 11 x86 STIG, Version 1, Release 16

V-48001: Added $prefix to the example output in the Check content. Added $prefix as part of the command to be added to /rpool/boot/grub/grub.cfg

V-48113: Updated the grep command in the Check content to provide the correct information.

V-48243: Corrected the spelling of "algorithms" in the Fix text.

Storage Area Network STIG, Version 2, Release 3

V-6633: Clarified the requirement to require bidirectional authentication as required by 800-53.

V-6634: Clarified the requirement to require PKI by removing encryption information. Clarified the requirement by splitting SNA04.011.00. This requirement is for changing the manufacturer's default or self-signed certificate.

Video Services Policy STIG, Version 1, Release 10

V-79051: Reinstated VVT/VTC 1906 (V-79051) to the Video Services Policy STIG.

Voice and Video over Internet Protocol (VVoIP) Policy STIG, Version 3, Release 14

V-8225: Removed VVT/VTC 1000 (V-8225) as physical security is outside the scope of this STIG.

V-8257: Removed VVT 1115 (V-8257) as C&A and APL is out of scope of this STIG.

V-19593: Updated VVoIP 1225 (V-19593) to note site mitigations may rely on mobile devices, and to be NA for sites serviced by DISN and sites with less than 96 endpoints

VVoIP STIG, Version 3, Release 13V-4042

Removed VoIP 0010 (V-4042) no longer included with published STIG.

V-4043Removed VoIP 0020 (V-4043) no longer included with published STIG.

V-4044Removed VoIP 0030 (V-4044) no longer included with published STIG.

Page 27: OCTOBER 2018 Maintenance Release - dl.dod.cyber.mil · Microsoft IIS 7.0 Site STIG, Version 1, Release 17 V-26026 Removed duplicate export from benchmark, repackaged. Microsoft IIS

V-4045Removed VoIP 0040 (V-4045) no longer included with published STIG.

V-4046Removed VoIP 0050 (V-4046) no longer included with published STIG.

V-4047Removed VoIP 0060 (V-4047) no longer included with published STIG.

V-4048Removed VoIP 0070 (V-4048) no longer included with published STIG.

V-4049Removed VoIP 0080 (V-4049) no longer included with published STIG.

V-4050Removed VoIP 0090 (V-4050) no longer included with published STIG.

V-4051Removed VoIP 0100 (V-4051) no longer included with published STIG.

V-4052Removed VoIP 0110 (V-4052) no longer included with published STIG.

V-4053Removed VoIP 0120 (V-4053) no longer included with published STIG.

V-4054Removed VoIP 0130 (V-4054) no longer included with published STIG.

V-4055Removed VoIP 0140 (V-4055) no longer included with published STIG.

Page 28: OCTOBER 2018 Maintenance Release - dl.dod.cyber.mil · Microsoft IIS 7.0 Site STIG, Version 1, Release 17 V-26026 Removed duplicate export from benchmark, repackaged. Microsoft IIS

V-4056Removed VoIP 0150 (V-4056) no longer included with published STIG.

V-4057Removed VoIP 0160 (V-4057) no longer included with published STIG.

V-4058Removed VoIP 0170 (V-4058) no longer included with published STIG.

V-4059Removed VoIP 0180 (V-4059) no longer included with published STIG.

V-4060Removed VoIP 0190 (V-4060) no longer included with published STIG.

V-4061Removed VoIP 0200 (V-4061) no longer included with published STIG.

V-4062Removed VoIP 0210 (V-4062) no longer included with published STIG.

V-4063Removed VoIP 0220 (V-4063) no longer included with published STIG.

V-4064Removed VoIP 0230 (V-4064) no longer included with published STIG.

V-4065Removed VoIP 0240 (V-4065) no longer included with published STIG.

V-4066Removed VoIP 0250 (V-4066) no longer included with published STIG.

V-4067
Removed VoIP 0260 (V-4067) no longer included with published STIG.

V-4068
Removed VoIP 0270 (V-4068) no longer included with published STIG.

V-4069
Removed VoIP 0280 (V-4069) no longer included with published STIG.

V-4070
Removed VoIP 0290 (V-4070) no longer included with published STIG.

V-4071
Removed VoIP 0300 (V-4071) no longer included with published STIG.

V-4072
Removed VoIP 0310 (V-4072) no longer included with published STIG.

V-4073
Removed VoIP 0320 (V-4073) no longer included with published STIG.

V-4074
Removed VoIP 0330 (V-4074) no longer included with published STIG.

V-4075
Removed VoIP 0340 (V-4075) no longer included with published STIG.

V-4076
Removed VoIP 0350 (V-4076) no longer included with published STIG.

V-4078
Removed VoIP 0370 (V-4078) no longer included with published STIG.

V-4079
Removed VoIP 0380 (V-4079) no longer included with published STIG.

V-19444
Update VVoIP 1755 (V-19444) condition in DPMS.

V-19625
Updated VVoIP 1725 (V-19625) condition.

V-19628
Updated VVoIP 5225 (V-19628) condition.

V-19629
Updated VVoIP 5230 (V-19629) condition.

V-19630
Updated VVoIP 5235 (V-19630) condition.

V-19631
Updated VVoIP 5400 (V-19631) condition.

V-19632
Updated VVoIP 5520 (V-19632) condition.

V-19634
Updated VVoIP 5530 (V-19634) condition.

V-19635
Updated VVoIP 5600 (V-19635) condition.

V-19636
Updated VVoIP 5605 (V-19636) condition.

V-19637
Updated VVoIP 5610 (V-19637) condition.

V-19638
Updated VVoIP 5615 (V-19638) condition.

V-19639
Updated VVoIP 5620 (V-19639) condition.

V-19640
Updated VVoIP 5625 (V-19640) condition.

V-19642
Updated VVoIP 5635 (V-19642) condition.

V-19643
Updated VVoIP 5640 (V-19643) condition.

V-19644
Updated VVoIP 5645 (V-19644) condition.

V-19645
Updated VVoIP 5560 (V-19645) condition.

V-19646
Updated VVoIP 5540 (V-19646) condition.

V-19647
Updated VVoIP 5535 (V-19647) condition.

V-19648
Updated VVoIP 5545 (V-19648) condition.

V-19649
Updated VVoIP 5550 (V-19649) condition.

V-19650
Updated VVoIP 5555 (V-19650) condition.

V-19661
Updated VVoIP 6200 (V-19661) condition.

V-19662
Updated VVoIP 6205 (V-19662) condition.

V-19663
Updated VVoIP 6210 (V-19663) condition.

V-19664
Updated VVoIP 6215 (V-19664) condition.

V-19665
Updated VVoIP 6300 (V-19665) condition.

V-19666
Updated VVoIP 6305 (V-19666) condition.

V-19667
Updated VVoIP 6310 (V-19667) condition.

V-19668
Updated VVoIP 6315 (V-19668) condition.

V-19669
Updated VVoIP 6320 (V-19669) condition.

V-19670
Updated VVoIP 6325 (V-19670) condition.

V-19671
Updated VVoIP 6330 (V-19671) condition.

V-19673
Updated VVoIP 6340 (V-19673) condition.

V-19674
Updated VVoIP 6345 (V-19674) condition.

V-19675
Updated VVoIP 6350 (V-19675) condition.

V-19676
Updated VVoIP 6400 (V-19676) condition.

V-19677
Updated VVoIP 6405 (V-19677) condition.

V-21517
Updated VVoIP 5111 (V-21517) condition.

V-21518
Updated VVoIP 5116 (V-21518) condition.

V-21520
Updated VVoIP 1670 (V-21520) condition.

V-80973
Updated VVoIP 1675 (V-80973) condition.

z/OS ACF2 STIG, Version 6, Release 38

V-4850
Allowed authorized System Programmer Batch job to have alter access.

V-6945
Updated the verbiage in the Check content of the STIG for consistency to state: "Automated Analysis requires Additional Analysis".

V-7485
Allowed for multiple master consoles.

z/OS Automated PDI list spreadsheet, Version 6, Release 38

Multiple
Added RACF0470 and TSS0290 to spreadsheet and deleted TSS0244 and TSS0248 from spreadsheet.

z/OS BMC CONTROL-D for ACF2 STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-D for RACF STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-D for TSS STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-M for ACF2 STIG, Version 6, Release 8

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-M for RACF STIG, Version 6, Release 8

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-M for TSS STIG, Version 6, Release 8

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-O for ACF2 STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-O for RACF STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC CONTROL-O for TSS STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC IOA for ACF2 STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC IOA for RACF STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS BMC IOA for TSS STIG, Version 6, Release 7

V-17947
Changed the STIG to use FACILITY to check for the $$SECxxx.<qname> profiles.

z/OS CL/SuperSession for TSS STIG, Version 6, Release 10

Documentation Update
Corrected the file name for z/OS CLSuperSession for TSS STIG.

z/OS ICSF for RACF STIG, Version 6, Release 5

V-18014
Corrected Check content.

z/OS RACF STIG, Version 6, Release 38

V-4850
Allowed authorized System Programmer Batch job to have alter access.

V-6945
Updated the verbiage in the Check content of the STIG for consistency to state: "Automated Analysis requires Additional Analysis".

V-7485
Allowed for multiple master consoles.

z/OS SRR Scripts, Version 6, Release 38

V-4850
Added additional access requirements for user catalogs.

V-7485
Changed status to Not Reviewed if more than one console specifies AUTH(MASTER).

V-17947
Changed process to obtain resource from a different resource class. Added additional access requirements for VSR$.VSR.

z/OS TSS STIG, Version 6, Release 38

V-4850
Allowed authorized System Programmer Batch job to have alter access.

V-6945
Updated the verbiage in the Check content of the STIG for consistency to state: "Automated Analysis requires Additional Analysis".

V-7485
Allowed for multiple master consoles.

z/OS VSS for RACF STIG, Version 6, Release 8

Documentation Update
Added AUDTAUDT to the authorized list along with SECAAUDT and SECDAUDT for allowed access to VSR$.VSR in the addendum.