The Mainframe Product must prohibit the use of cached authenticators after one hour.

STIG ID: SRG-APP-000400-MFP-000241  |  SRG: SRG-APP-000400 |  Severity: medium |  CCI: CCI-002007 |  Vulnerability Id: V-205573 | 

Vulnerability Discussion

If cached authentication information is out of date, the validity of the authentication information may be questionable.

Check

If the Mainframe Product has no function or capability for user logon, this is not applicable.

If the Mainframe Product employs an external security manager for all account management functions, this is not applicable.

Examine user account management configurations.

If the Mainframe Product is configured to prohibit the use of cached authenticators after one hour, this is not a finding.

Fix

Configure the Mainframe Product account management settings to prohibit the use of cached authenticators after one hour.