STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 7 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to z/OS CL/SuperSession for ACF2 Security Technical Implementation Guide

V-224287

CAT II (Medium)

CL/SuperSession KLVINNAM member must be configured in accordance with security requirements.

Rule ID

SV-224287r1141422_rule

STIG

z/OS CL/SuperSession for ACF2 Security Technical Implementation Guide

Version

V7R2

CCIs

CCI-000381

Discussion

CL/SuperSession configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.

Check Content

Version 3 of CL/SuperSession
Review the member KLKINNAM in the TLVPARM DD statement concatenation of the CL/SuperSession STC procedure. (This member is located in SYS3.OMEGAMON.qualifier.RLSPARM.)

Version 2 of CL/SuperSession
Review the member KLVINNAM in the TLVPARM DD statement concatenation of the CL/SuperSession STC procedure. (This member is located in SYS3.OMEGAMON.qualifier.RLSPARM.)

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:

- PDI(ZCLS0042).

If one of the following configuration settings is specified for each control point defined in the KLKINNAM member for version 3 of CL/SuperSession or KLVINNAM member for version 2 of CL/SuperSession, this is not a finding.

DEFAULT DSNAME(SYS3.OMEGAMON.qualifier.RLSNAM) -
NORACF -
CLASSES=APPCLASS -
NODB -
EXIT=KLSA2NEV

(The following is for z/OS CAC logon processing)
DEFAULT DSNAME(SYS3.OMEGAMON.qualifier.RLSNAM) -
SAF -
CLASSES=APPCLASS -
NODB -
EXIT=KLSSFPTX

Fix Text

Ensure that the parameter options for member KLKINNAM for Version 3 of CL/SuperSession or KLVINNAM for Version 2 of CL/SuperSession are coded to the below specifications.

(Note: The dataset identified below is an example of a possible installation. The actual dataset is determined when the product is installed on a system through the product's installation guide and can be site specific.)

Review the member KLKINNAM or KLVINNAM in the TLVPARM DD statement concatenation of the CL/SuperSession STC procedure. (This member is located in SYS3.OMEGAMON.qualifier.RLSPARM.) Ensure all session manager security parameters and control options are in compliance according to the following: 

DEFAULT DSNAME(SYS3.OMEGAMON.qualifier.RLSNAM) -
      NORACF -
      CLASSES=APPCLASS -
      NODB -
      EXIT=KLSA2NEV

(The following is for z/OS CAC logon processing)
DEFAULT DSNAME(SYS3.OMEGAMON.qualifier.RLSNAM) -
      SAF -
      CLASSES=APPCLASS -
      NODB -
      EXIT=KLSSFPTX