A fix is available
APAR status
Closed as program error.
Error description
Remediation of IBM Security Engineering Framework (SEF) scan results
Local fix
Problem summary
USERS AFFECTED: All Tivoli Event Pump for z/OS users.

PROBLEM DESCRIPTION: This APAR enhances the Tivoli Event Pump for z/OS product in accordance with IBM Secure Engineering Framework (SEF) standards. It also contains a fix for an S0C4 ABEND that could occur in internal codepage conversion routines.

RECOMMENDATION: Apply the PTF.

Tivoli Event Pump for z/OS logs user-related information (userid and password) into the AOPSCLOG (AOPLOG) data set if the options VALIDATE_SOAP_USERS and LOG_REQUESTS are set to YES.

Tivoli Event Pump for z/OS generates RACF PassTickets for the user ID that is used by the Tivoli Event Pump for z/OS address space to communicate with another instance of the application. This information is used by other instances of Tivoli Event Pump for z/OS in a SYSPLEX environment to check user credentials and perform the requested action. Even though PassTickets have a certain period of validity, they can be used to execute third-party actions on a particular Tivoli Event Pump for z/OS environment.

There are also several minor security vulnerabilities in the Tivoli Event Pump for z/OS product, but they could not affect users or systems running the product.

The ABEND S0C4 could occur in the Source Collector component of Tivoli Event Pump for z/OS:

SYSTEM COMPLETION CODE=0C4 REASON CODE=00000010
TIME=14.11.43 SEQ=00165 CPU=0000 ASID=0046
PSW AT TIME OF ERROR 078D2000 8440D438 ILC 4 INTC 10
NO ACTIVE MODULE FOUND
NAME=UNKNOWN
DATA AT PSW 0440D432 - A5A44780 C07ABF3F 10004770
AR/GR 0: 8D3AC47A/00000066 1: 00000000/7465643C
      2: 00000000/0F107D77 3: 00000000/7465643C
      4: 00000000/0F107E8B 5: 00000000/00000000
      6: 00000000/0EB23BAF 7: 00000000/8440D4F4
      8: 00000000/00000114 9: 00000000/0EB23BB4
      A: 00000000/0EB23AB0 B: 00000000/8440D426
      C: 00000000/8440D3D0 D: 00000000/0440E3C8
      E: 00000000/8440E89E F: 01000002/00000031

This ABEND occurs only for external (outside the z/OS SYSPLEX) SOAP requests when ASCII to EBCDIC conversion is needed. Since the Tivoli Event Pump for z/OS SOAP server is not involved in any heterogeneous interchange, the probability of this event is considerably low.
Problem conclusion
Tivoli Event Pump for z/OS now replaces the user-related information (userid and password) with asterisk (*) symbols in the AOPSCLOG (AOPLOG) data set. All minor security vulnerabilities, as well as the 0C4 ABEND in the conversion routines, were fixed.
Temporary fix
Comments
APAR Information
APAR number
OA38586
Reported component name
EVENT PUMP FOR
Reported component ID
5698B3400
Reported release
422
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-01-25
Closed date
2012-02-15
Last modified date
2012-04-03
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UA64199
Modules/Macros
GTMIPCRH GTMRXA2E GTMRXE2A GTMSENDR GTMSENDX GTMSOAP
Fix information
Fixed component name
EVENT PUMP FOR
Fixed component ID
5698B3400
Applicable component levels
R422 PSY UA64199
UP12/03/03 P F203
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
Document Information
Modified date:
03 April 2012