Rule ID
SV-224554r1145047_rule
Version
V7R3
Users signed on to a WebSphere MQ queue manager could leave their terminals unattended for long periods of time. This may allow unauthorized individuals to gain access to WebSphere MQ resources and application data. This exposure could compromise the availability, integrity, and confidentiality of some system services and application data.
Refer to the following report produced by the z/OS Data Collection: - MQSRPT(ssid) Note: ssid is the queue manager name (a.k.a., subsystem identifier). Automated Analysis Refer to the following report produced by the z/OS Data Collection: - PDI(ZWMQ0020) Review the ssid report(s) and perform the following steps: Find the DISPLAY SECURITY command to locate the start of the security parameter settings. Review the CSQH015I and CSQH016I messages to determine the Timeout and Interval parameter settings respectively. Repeat these steps for each queue manager ssid. The standard values are: TIMEOUT(15) INTERVAL(5) If the Timeout and Interval values conform to the standard values, this is not a finding.
Review the WebSphere MQ System Setup Guide and the information on the ALTER SECURITY command in the WebSphere MQ Script (MQSC) Command Reference. Ensure the values for the TIMEOUT and INTERVAL parameters are specified in accordance with security requirements.