kriterion 0.0.1

data/standards/stig_zos_clsupersessiontss.json

@@ -0,0 +1,71 @@
+{
+  "name": "stig_zos_clsupersessiontss",
+  "date": "2018-04-04",
+  "description": "None",
+  "title": "z/OS CL/SuperSession for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "CL/SuperSession Install data sets must be properly protected.",
+      "description": "CL/SuperSession Install data sets provide the capability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "CL/SuperSession STC data sets must be properly protected.",
+      "description": "CL/SuperSession STC data sets provide the capability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "CL/SuperSession Started Task name is not properly identified / defined to the system ACP.",
+      "description": "CL/SuperSession requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "CL/SuperSession Started task(s) must be properly defined to the Started Task Table ACID for Top Secret.",
+      "description": "Access to product  resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17469",
+      "title": "CL/SuperSession is not properly defined to the Facility Matrix Table for Top Secret.",
+      "description": "Improperly defined security controls for the Product could result in the compromise of the network, operating system, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18011",
+      "title": "CL/SuperSession's Resouce Class is not defined or active in the ACP.",
+      "description": "Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "CL/SuperSession profile options are set improperly.",
+      "description": "Product configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-22689",
+      "title": "CL/SuperSession is not properly configured to generate SMF records for audit trail and accounting reports.",
+      "description": "Product configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-22690",
+      "title": "CL/SuperSession KLVINNAM member must be configured in accordance to security requirements.",
+      "description": "CL/SuperSession configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-22691",
+      "title": "CL/SuperSession APPCLASS member is not configured in accordance with the proper security requirements.",
+      "description": "Product configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_compuware_abend-aidacf2.json

@@ -0,0 +1,47 @@
+{
+  "name": "stig_zos_compuware_abend-aidacf2",
+  "date": "2015-09-25",
+  "description": "None",
+  "title": "z/OS Compuware Abend-AID for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "Compuware Abend-AID installation data sets will be properly protected.",
+      "description": "Compuware Abend-AID installation data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "Compuware Abend-AID STC data sets must be properly protected.",
+      "description": "Compuware Abend-AID STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "Compuware Abend-AID Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "Compuware Abend-AID requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "Compuware Abend-AID resources will be properly defined and protected.",
+      "description": "Compuware Abend-AID can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "Compuware Abend-AID external security options will be specified properly.",
+      "description": "Compuware Abend-AID offers external security interfaces that are controlled by parameters specified in FDBDPARM DD statement of the started task procedures.  These interfaces provide security controls for Abend-AID.  Without proper controls to ensure that security is active, the integrity of the Compuware Abend-AID System and the confidentiality of data stored on the system may be compromised.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "Compuware Abend-AID user data sets must be properly protected.",
+      "description": "Compuware Abend-AID user data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_compuware_abend-aidracf.json

@@ -0,0 +1,53 @@
+{
+  "name": "stig_zos_compuware_abend-aidracf",
+  "date": "2015-09-25",
+  "description": "None",
+  "title": "z/OS Compuware Abend-AID for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "Compuware Abend-AID installation data sets will be properly protected.",
+      "description": "Compuware Abend-AID installation data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "Compuware Abend-AID STC data sets must be properly protected.",
+      "description": "Compuware Abend-AID STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "Compuware Abend-AID Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "Compuware Abend-AID requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "Compuware Abend-AID Started task will be properly defined to the STARTED resource class for RACF.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "Compuware Abend-AID resources will be properly defined and protected.",
+      "description": "Compuware Abend-AID can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "Compuware Abend-AID external security options will be specified properly.",
+      "description": "Compuware Abend-AID offers external security interfaces that are controlled by parameters specified in FDBDPARM DD statement of the started task procedures.  These interfaces provide security controls for Abend-AID.  Without proper controls to ensure that security is active, the integrity of the Compuware Abend-AID System and the confidentiality of data stored on the system may be compromised.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "Compuware Abend-AID user data sets must be properly protected.",
+      "description": "Compuware Abend-AID user data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_compuware_abend-aidtss.json

@@ -0,0 +1,53 @@
+{
+  "name": "stig_zos_compuware_abend-aidtss",
+  "date": "2015-09-25",
+  "description": "None",
+  "title": "z/OS Compuware Abend-AID for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "Compuware Abend-AID installation data sets will be properly protected.",
+      "description": "Compuware Abend-AID installation data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17067",
+      "title": "Compuware Abend-AID STC data sets will be properly protected.",
+      "description": "Compuware Abend-AID STC data sets have the ability to use privileged functions and/or have access to sensitive data.  Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "Compuware Abend-AID Started Task name will be properly identified and/or defined to the system ACP.",
+      "description": "Compuware Abend-AID requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "Compuware Abend-AID Started task will be properly defined to the Started Task Table for Top Secret.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "Compuware Abend-AID resources will be properly defined and protected.",
+      "description": "Compuware Abend-AID can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data.  Many utilities assign resource controls that can be granted to system programmers only in greater than read authority.  Resources are also granted to certain non systems personnel with read only authority.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "Compuware Abend-AID external security options will be specified properly.",
+      "description": "Compuware Abend-AID offers external security interfaces that are controlled by parameters specified in FDBDPARM DD statement of the started task procedures.  These interfaces provide security controls for Abend-AID.  Without proper controls to ensure that security is active, the integrity of the Compuware Abend-AID System and the confidentiality of data stored on the system may be compromised.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "Compuware Abend-AID user data sets must be properly protected.",
+      "description": "Compuware Abend-AID user data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to these data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_cssmtpacf2.json

@@ -0,0 +1,23 @@
+{
+  "name": "stig_zos_cssmtpacf2",
+  "date": "2017-09-15",
+  "description": "None",
+  "title": "z/OS CSSMTP for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17067",
+      "title": "IBM Communications Server Simple Mail Transfer Protocol (CSSMTP) STC data sets must be properly protected.",
+      "description": "IBM Communications Server Simple Mail Transfer Protocol (CSSMTP) STC data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM CSSMTP Started Task name is not properly identified and/or defined to the system ACP.",
+      "description": "IBM CSSMTP requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_cssmtpracf.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_cssmtpracf",
+  "date": "2017-09-15",
+  "description": "None",
+  "title": "z/OS CSSMTP for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17067",
+      "title": "IBM Communications Server Simple Mail Transfer Protocol (CSSMTP) STC data sets must be properly protected.",
+      "description": "IBM Communications Server Simple Mail Transfer Protocol (CSSMTP) STC data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM CSSMTP Started Task name is not properly identified and/or defined to the system ACP.",
+      "description": "IBM CSSMTP requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM CSSMTP Started task(s) must be properly defined to the STARTED resource class for RACF.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_cssmtptss.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_cssmtptss",
+  "date": "2017-09-15",
+  "description": "None",
+  "title": "z/OS CSSMTP for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-17067",
+      "title": "IBM Communications Server Simple Mail Transfer Protocol (CSSMTP) STC data sets must be properly protected.",
+      "description": "IBM Communications Server Simple Mail Transfer Protocol (CSSMTP) STC data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17452",
+      "title": "IBM CSSMTP Started Task name is not properly identified and/or defined to the system ACP.",
+      "description": "IBM CSSMTP requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the started task as a userid to the system ACP, It allows the ACP to control the access and authorized users that require these capabilities. Failure to properly control these capabilities, could compromise of the operating system environment, ACP, and customer data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17454",
+      "title": "IBM CSSMTP Started task(s) must be properly defined to the Started Task Table ACID for Top Secret.",
+      "description": "Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources.  Improper control of product resources could potentially compromise the operating system, ACP, and customer data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_fdracf2.json

@@ -0,0 +1,23 @@
+{
+  "name": "stig_zos_fdracf2",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS FDR for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "Fast Dump Restore (FDR) install data sets are not properly protected.",
+      "description": "Fast Dump Restore (FDR) install have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "FDR (Fast Dump Restore) security options are improperly specified.",
+      "description": "Product configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "high"
+    }
+  ]
+}

data/standards/stig_zos_fdrracf.json

@@ -0,0 +1,23 @@
+{
+  "name": "stig_zos_fdrracf",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS FDR for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "Fast Dump Restore (FDR) install data sets are not properly protected.",
+      "description": "Fast Dump Restore (FDR) install have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "FDR (Fast Dump Restore) security options are improperly specified.",
+      "description": "Product configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "high"
+    }
+  ]
+}

data/standards/stig_zos_fdrtss.json

@@ -0,0 +1,23 @@
+{
+  "name": "stig_zos_fdrtss",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS FDR for TSS STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "Fast Dump Restore (FDR) install data sets are not properly protected.",
+      "description": "Fast Dump Restore (FDR) install have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-18014",
+      "title": "FDR (Fast Dump Restore) security options are improperly specified.",
+      "description": "Product configuration/parameters control the security and operational characteristics of products.  If these parameter values are improperly specified, security and operational controls may be weakened.  This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.",
+      "severity": "high"
+    }
+  ]
+}

data/standards/stig_zos_hcdacf2.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_hcdacf2",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS HCD for ACF2 STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM Hardware Configuration Definition (HCD) install data sets are not properly protected.",
+      "description": "IBM Hardware Configuration Definition (HCD) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "IBM Hardware Configuration Definition (HCD) resources are not properly defined and protected.",
+      "description": "Program products can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to program product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data. Many utilities assign resource controls that can be granted to system programmers only in greater than read authority. Resources are also granted to certain non sytems personnel with read only authority.  ",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "IBM Hardware Configuration Definition (HCD) User data sets are not properly protected.",
+      "description": "IBM Hardware Configuration Definition (HCD) product has the capability to use privileged functions and/or to have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    }
+  ]
+}

data/standards/stig_zos_hcdracf.json

@@ -0,0 +1,29 @@
+{
+  "name": "stig_zos_hcdracf",
+  "date": "2015-01-15",
+  "description": "None",
+  "title": "z/OS HCD for RACF STIG",
+  "version": "None",
+  "item_syntax": "^\\w-\\d+$",
+  "section_separator": null,
+  "items": [
+    {
+      "id": "V-16932",
+      "title": "IBM Hardware Configuration Definition (HCD) install data sets are not properly protected.",
+      "description": "IBM Hardware Configuration Definition (HCD) product has the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    },
+    {
+      "id": "V-17947",
+      "title": "IBM Hardware Configuration Definition (HCD) resources are not properly defined and protected.",
+      "description": "Program products can run with sensitive system privileges, and potentially can circumvent system controls.  Failure to properly control access to program product resources could result in the compromise of the operating system environment, and compromise the confidentiality of customer data. Many utilities assign resource controls that can be granted to system programmers only in greater than read authority. Resources are also granted to certain non sytems personnel with read only authority.  ",
+      "severity": "medium"
+    },
+    {
+      "id": "V-21592",
+      "title": "IBM Hardware Configuration Definition (HCD) User data sets are not properly protected.",
+      "description": "IBM Hardware Configuration Definition (HCD) product has the capability to use privileged functions and/or to have access to sensitive data. Failure to properly restrict access to their data sets could result in violating the integrity of the base product which could result in compromising the operating system or sensitive data.",
+      "severity": "medium"
+    }
+  ]
+}