An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2026
Xylok, LLC
Version: releases-v2026.03.1 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2026
Xylok, LLC
Version: releases-v2026.03.1 - rmfrev5
Open sidebar
Navigate
Top
Search
Checks (
224
)
Print
Changes
Pages (
13/15
)
IBM z/OS RACF STIG
IBM z/OS RACF Security Technical Implementation Guide
v9 r7 (Released Jan. 5, 2026)
v9 r6 (Released Oct. 1, 2025)
v9 r5 (Released July 2, 2025)
v9 r4 (Released April 2, 2025)
v9 r3 (Released Jan. 30, 2025)
v9 r2 (Released Oct. 24, 2024)
v9 r1 (Released July 24, 2024)
v8 r14 (Released April 24, 2024)
v8 r13 (Released Jan. 24, 2024)
v8 r12 (Released July 26, 2023)
v8 r11 (Released April 27, 2023)
v8 r10 (Released Jan. 26, 2023)
v8 r9 (Released Nov. 23, 2022)
v8 r8 (Released Oct. 26, 2022)
v8 r7 (Released April 27, 2022)
v8 r6 (Released Jan. 27, 2022)
v8 r5 (Released Oct. 27, 2021)
v8 r4 (Released July 23, 2021)
v8 r3 (Released April 23, 2021)
v8 r2 (Released Jan. 22, 2021)
v8 r1 (Released Oct. 23, 2020)
v7 r3 (Released July 24, 2020)
v7 r2 (Released April 24, 2020)
v7 r1 (Released Nov. 18, 2019)
v7 r0.1 (Released April 5, 2019)
ID
Vuln ID
Title
Cat
Status
RACF-TC-000065
V-272877
IBM z/OS started tasks for the Base TCP/IP component must be defined in accordance with security requirements.
Cat II
RACF-TC-000070
V-223826
IBM z/OS data sets for the Base TCP/IP component must be properly protected.
Cat II
RACF-TC-000080
V-223827
IBM z/OS Configuration files for the TCP/IP stack must be properly specified.
Cat II
RACF-TC-000100
V-245536
The IBM z/OS TCPIP.DATA configuration statement must contain the DOMAINORIGIN or DOMAIN specified for each TCP/IP defined.
Cat II
RACF-TC-000110
V-252553
IBM z/OS TCP/IP AT-TLS policy must be properly configured in Policy Agent.
Cat II
RACF-TN-000020
V-223831
IBM z/OS SSL encryption options for the TN3270 Telnet Server must be specified properly for each statement that defines a SECUREPORT or within the TELNETGLOBALS.
Cat II
RACF-TN-000040
V-223833
The IBM z/OS warning banner for the TN3270 Telnet server must contain the proper content of the Standard Mandatory DoD Notice and Consent Banner.
Cat II
RACF-TN-000050
V-223834
IBM z/OS VTAM session setup controls for the TN3270 Telnet server must be properly specified.
Cat II
RACF-TN-000060
V-223835
The IBM z/OS PROFILE.TCPIP configuration for the TN3270 Telnet server must have the INACTIVE statement properly specified.
Cat II
RACF-TS-000010
V-223836
IBM Z/OS TSOAUTH resources must be restricted to authorized users.
Cat II
RACF-TS-000020
V-223837
IBM RACF LOGONIDs must not be defined to SYS1.UADS for non-emergency use.
Cat I
RACF-US-000010
V-223838
The IBM z/OS UNIX SUPERUSER resources must be protected in accordance with guidelines.
Cat I
RACF-US-000020
V-223839
IBM z/OS BPX resource(s) must be protected in accordance with security requirements.
Cat II
RACF-US-000030
V-223840
IBM z/OS UNIX MVS HFS directories with other write permission bit set must be properly defined.
Cat II
RACF-US-000050
V-223842
IBM z/OS UNIX security parameters in etc/profile must be properly specified.
Cat II
Prev
1...
9
10
11
12
13
14
15
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.