STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to CA IDMS Security Technical Implementation Guide

V-251624

CAT II (Medium)

IDMS must suppress security-related messages so that no information is returned that can be exploited.

Rule ID

SV-251624r961167_rule

STIG

CA IDMS Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-001312

Discussion

Error messages issued to non-privileged users may have contents that should be considered confidential. IDMS should be configured so that these messages are not issued to those users.

Check Content

Log on to IDMS DC system and issue "DCPROFIL". Scroll to the OPTION FLAGS screen. If "OPT00051" is not listed, this is a finding. 

For IDMS LOG messages, if OPT00226 is not listed, this is a finding.

Fix Text

Reassemble, relink, and reload (V NC) RHDCOPTF with #DEFOPTF OPT00051 (for messages sent to user) and optional #DEFOPTF OPT00226 (for messages sent to IDMS log).