This page was not yet optimized for use on mobile
devices.
Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE version 17.15
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.CSV information
| Status | active |
|---|---|
| Valid from | 29.09.2025 |
| Valid until | 29.09.2027 |
| Scheme | 🇺🇸 US |
| Manufacturer | Cisco Systems, Inc. |
| Category | Network and Network-Related Devices and Systems |
| Security level | |
| Protection profiles | |
| Maintenance updates | Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE version 17.18 (12.12.2025) Certification report Security target |
Heuristics summary
Certificate ID: CCEVS-VR-VID-11642-2025
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
OK
Convert pdf to text:
OK
Extract keywords:
ERROR
Extracted keywords
Protocols
SSH, VPNVendor
Cisco Systems, Inc, CiscoCertificates
CCEVS-VR-VID11642-2025Evaluation facilities
Lightship SecurityCertification report
Extracted keywords
Symmetric Algorithms
AES, AES-, HMAC, CMACAsymmetric Algorithms
ECDSA, ECC, DHHash functions
SHA-1, SHA-256, SHA-512Schemes
MAC, Key Exchange, Key exchange, Key Agreement, AEADProtocols
SSH, SSHv2, IKEv2, IKE, IPsec, VPNRandomness
DRBG, RBGLibraries
OpenSSLElliptic Curves
P-256, P-521Trusted Execution Environments
SSCVendor
Broadcom, Cisco, Cisco Systems, IncSecurity Functional Requirements (SFR)
FCS_COP, FCS_CKM.1, FCS_CKM, FCS_CKM.2, FCS_RBG_EXT, FCS_MKA_EXT.1, FTP_ITC.1Certificates
CCEVS-VR-VID11642-2025Evaluation facilities
Lightship SecurityStandards
FIPS PUB 180-4, FIPS PUB 198-1, FIPS PUB 186-4, NIST SP 800-38B, NIST SP 800-38F, NIST SP 800-56A, NIST SP 800-90A, SP 800-90, RFC 5280, ISO/IEC 18031:2011, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004File metadata
| Author | Chris Thorpe |
|---|---|
| Creation date | D:20250930162403-04'00' |
| Modification date | D:20250930162403-04'00' |
| Pages | 33 |
| Creator | Microsoft® Word 2019 |
| Producer | Microsoft® Word 2019 |
Frontpage
| Certificate ID | CCEVS-VR-VID11642-2025 |
|---|---|
| Certified item | for the Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE 17.15 |
| Certification lab | US NIAP |
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-128, AES-256, AES-, DES, 3DES, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CMACAsymmetric Algorithms
ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-256, SHA-512, SHA-384, SHA256Schemes
MAC, Key Exchange, Key exchange, Key Agreement, AEADProtocols
SSH, SSHv2, SSL, TLS, TLS 1.2, IKE, IKEv2, IPsec, VPNRandomness
DRBG, RNG, RBGElliptic Curves
P-256, P-521, P-384Block cipher modes
ECB, CBC, CTR, GCMTrusted Execution Environments
SSCVendor
Broadcom, Cisco Systems, Inc, CiscoClaims
O.ADDRESS_FILTERING, O.AUTHENTICATION, O.CRYPTOGRAPHIC_FUNCTIONS, O.FAIL_SECURE, O.PORT_FILTERING, O.SYSTEM_MONITORING, O.TOE_ADMINISTRATION, O.AUTHORIZED_ADMINISTRATION, O.AUTHENTICATION_MACSEC, O.CRYPTOGRAPHIC_FUNCTIONS_MACSEC, O.PORT_FILTERING_MACSEC, O.REPLAY_DETECTION, O.SYSTEM_MONITORING_MACSEC, O.TSF_INTEGRITY, T.UNAUTHORIZED_ADMINISTRATOR_ACCESS, T.WEAK_CRYPTOGRAPHY, T.UNTRUSTED_COMMUNICATION_CHANNELS, T.WEAK_AUTHENTICATION_ENDPOINTS, T.UPDATE_COMPROMISE, T.UNDETECTED_ACTIVITY, T.SECURITY_FUNCTIONALITY_COMPROMISE, T.SECURITY_FUNCTIONALITY_FAILURE, T.DATA_INTEGRITY, T.NETWORK_ACCESS, T.NETWORK_DISCLOSURE, T.NETWORK_MISUSE, T.REPLAY_ATTACK, T.UNTRUSTED_MACSEC_COMMUNICATION_CHANNELS, A.CONNECTIONS, A.PHYSICAL_PROTECTION, A.LIMITED_FUNCTIONALITY, A.NO_THRU_TRAFFIC_PROTECTION, A.TRUSTED_ADMINISTRATOR, A.REGULAR_UPDATES, A.ADMIN_CREDENTIALS_SECURE, A.RESIDUAL_INFORMATION, OE.PHYSICAL, OE.NO_GENERAL_PURPOSE, OE.NO_THRU_TRAFFIC_PROTECTION, OE.TRUSTED_ADMIN, OE.UPDATES, OE.ADMIN_CREDENTIALS_SECURE, OE.RESIDUAL_INFORMATION, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_CMC.1, ALC_CMS.1, ALC_FLR.2, ATE_IND.1, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN, FAU_GEN.2, FAU_STG.1, FAU_STG_EXT.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_STG.1.1, FAU_STG.1.2, FAU_STG_EXT.1.1, FAU_STG_EXT.1.2, FAU_STG_EXT.1.3, FAU_STG_EXT.1.4, FAU_STG_EXT.1.5, FAU_STG_EXT.1.6, FCS_COP, FCS_CKM.1, FCS_CKM, FCS_CKM.2, FCS_RBG_EXT, FCS_CKM.4, FCS_MKA_EXT.1, FCS_NTP_EXT.1, FCS_SSH_EXT.1, FCS_SSHS_EXT.1, FCS_RBG_EXT.1, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4.1, FCS_COP.1, FCS_MKA_EXT.1.1, FCS_MKA_EXT.1.2, FCS_MKA_EXT.1.3, FCS_MKA_EXT.1.4, FCS_MKA_EXT.1.5, FCS_MKA_EXT.1.6, FCS_MKA_EXT.1.7, FCS_NTP_EXT.1.1, FCS_NTP_EXT.1.2, FCS_NTP_EXT.1.3, FCS_NTP_EXT.1.4, FCS_SSH_EXT.1.1, FCS_SSH_EXT.1.2, FCS_SSH_EXT.1.3, FCS_SSH_EXT.1.4, FCS_SSH_EXT.1.5, FCS_SSH_EXT.1.6, FCS_SSH_EXT.1.7, FCS_SSH_EXT.1.8, FCS_SSHS_EXT.1.1, FCS_RBG_EXT.1.1, FCS_RBG_EXT.1.2, FCS_SSHS_EXT.1.3, FIA_AFL.1, FIA_PMG_EXT.1, FIA_PSK_EXT.1, FIA_PSK_EXT.2, FIA_UIA_EXT.1, FIA_UAU.7, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PMG_EXT.1.1, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1.2, FIA_PSK_EXT.2.1, FIA_UIA_EXT.1.1, FIA_UIA_EXT.1.2, FIA_UIA_EXT.1.3, FIA_UIA_EXT.1.4, FIA_UAU.7.1, FIA_PSK_EXT.3, FMT_MOF, FMT_MTD, FMT_SMF.1, FMT_SMF, FMT_SMR.2, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1.1, FMT_SMR.2.1, FMT_SMR.2.2, FMT_SMR.2.3, FPT_APW_EXT.1, FPT_FLS.1, FPT_FLS, FPT_SKP_EXT.1, FPT_STM_EXT.1, FPT_TST_EXT.1, FPT_TST_EXT.3, FPT_TUD_EXT.1, FPT_RPL.1, FPT_RPL_EXT.1, FPT_CAK_EXT.1, FPT_APW_EXT.1.1, FPT_APW_EXT.1.2, FPT_FLS.1.1, FPT_SKP_EXT, FPT_SKP_EXT.1.1, FPT_STM_EXT.1.1, FPT_STM_EXT.1.2, FPT_TST_EXT, FPT_TST_EXT.1.1, FPT_TST_EXT.1.2, FPT_TST_EXT.3.1, FPT_TST_EXT.3.2, FPT_TUD_EXT.1.1, FPT_TUD_EXT.1.2, FPT_TUD_EXT.1.3, FPT_RPL.1.1, FPT_RPL_EXT.1.1, FPT_RPL_EXT.1.2, FPT_CAK_EXT.1.1, FPT_ITC, FTA_SSL_EXT.1, FTA_SSL.3, FTA_SSL.4, FTA_TAB.1, FTA_SSL_EXT.1.1, FTA_SSL.4.1, FTP_ITC.1, FTP_ITC, FTP_TRP, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1Standards
FIPS PUB 180-4, FIPS PUB 198-1, FIPS PUB 186-4, FIPS PUB 186-5, FIPS 140-2, FIPS PUB 140-2, FIPS PUB 180-3, FIPS 186-5, NIST SP 800-38B, NIST SP 800-38F, NIST SP 800-56A, NIST SP 800-90A, SP 800-90, NIST SP 800-186, NIST SP 800-57, PKCS #1, PKCS12, RFC 5280, RFC 3526, RFC 4301, RFC 4303, RFC 3602, RFC 4106, RFC 7296, RFC 4868, RFC 5282, RFC 5114, RFC 4945, RFC 8784, RFC 5905, RFC 4252, RFC 8332, RFC 5656, RFC 4253, RFC 5647, RFC 6668, RFC 5759, RFC 2986, RFC 791, RFC 8200, RFC 793, RFC 768, RFC 8603, ISO/IEC 14888-3, ISO/IEC 9796-2, ISO/IEC 18031:2011, X.509File metadata
| Title | VID11642-ST |
|---|---|
| Author | Cisco CC TME |
| Creation date | D:20250930173350-04'00' |
| Modification date | D:20250930173350-04'00' |
| Pages | 90 |
| Creator | Microsoft® Word 2019 |
| Producer | Microsoft® Word 2019 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
CCEVS-VR-VID-11642-2025Extracted SARs
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ALC_FLR.2, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1, ATE_IND.1, AVA_VAN.1CPE matches
- cpe:2.3:o:cisco:ios_xe:17.15.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.1y:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.1z:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.3a:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.3b:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.4:*:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on |
|---|---|---|---|---|
| Base score | ||||
| CVE-2025-20162 | HIGH | 8.6 | 07.05.2025 | |
| CVE-2025-20169 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20170 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20171 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20172 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20173 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20175 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20176 | HIGH | 7.7 | 05.02.2025 | |
| CVE-2025-20194 | MEDIUM | 5.4 | 07.05.2025 | |
| CVE-2025-20197 | HIGH | 8.2 | 07.05.2025 | |
| CVE-2025-20198 | HIGH | 8.2 | 07.05.2025 | |
| CVE-2025-20199 | HIGH | 8.2 | 07.05.2025 | |
| CVE-2025-20200 | HIGH | 8.2 | 07.05.2025 | |
| CVE-2025-20201 | MEDIUM | 6.7 | 07.05.2025 | |
| CVE-2025-20202 | HIGH | 7.4 | 07.05.2025 | |
| CVE-2025-20221 | CRITICAL | 9.1 | 07.05.2025 | |
| CVE-2025-20338 | MEDIUM | 6.7 | 24.09.2025 | |
| CVE-2025-20352 | HIGH | 7.7 | 24.09.2025 | |
| CVE-2025-20363 | CRITICAL | 9.0 | 25.09.2025 |
Showing 5 out of 19.
Similar certificates
Showing 5 out of 15.
Scheme data
| Product | Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE version 17.15 | |
|---|---|---|
| Id | CCEVS-VR-VID11642-2025 | |
| Url | https://www.niap-ccevs.org/products/11642 | |
| Api Url | https://www.niap-ccevs.org/api/project/product/pcl_products/11642/ | |
| Certification Date | 29.09.2025 | |
| Expiration Date | None | |
| Category | Network Device | |
| Categories | ['Network Device', 'Network Encryption', 'Virtual Private Network'] | |
| Vendor | Cisco Systems, Inc. | |
| Evaluation Facility | Lightship Security USA, Inc. | |
| Scheme | US | |
| Cert Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35936 | |
| Target Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35937 | |
| Report Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35938 | |
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Network and Network-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11642-ci.pdf",
"dgst": "3cfeaf526ef6cfb7",
"heuristics": {
"_type": "sec_certs.sample.cc_eucc_common.Heuristics",
"annotated_references": null,
"cert_id": "CCEVS-VR-VID-11642-2025",
"cert_lab": [
"US"
],
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:o:cisco:ios_xe:17.15.1y:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.1z:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.3b:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.3a:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"eal": "EAL1",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"17.15"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"e2ad7e4a892e3703",
"4704bfbdf61ca066",
"ed9c9d74c3710878",
"51ed84742f89c3f7"
]
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2025-20175",
"CVE-2025-20352",
"CVE-2025-20338",
"CVE-2025-20194",
"CVE-2025-20198",
"CVE-2025-20173",
"CVE-2025-20169",
"CVE-2025-20171",
"CVE-2025-20170",
"CVE-2025-20172",
"CVE-2025-20162",
"CVE-2025-20200",
"CVE-2025-20197",
"CVE-2025-20221",
"CVE-2025-20202",
"CVE-2025-20363",
"CVE-2025-20176",
"CVE-2025-20199",
"CVE-2025-20201"
]
},
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"api_url": "https://www.niap-ccevs.org/api/project/product/pcl_products/11642/",
"categories": [
"Network Device",
"Network Encryption",
"Virtual Private Network"
],
"category": "Network Device",
"cert_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35936",
"certification_date": "2025-09-29",
"evaluation_facility": "Lightship Security USA, Inc.",
"expiration_date": null,
"id": "CCEVS-VR-VID11642-2025",
"product": "Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE version 17.15",
"report_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35938",
"scheme": "US",
"target_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35937",
"url": "https://www.niap-ccevs.org/products/11642",
"vendor": "Cisco Systems, Inc."
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
"maintenance_date": "2025-12-12",
"maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11642-add1.pdf",
"maintenance_st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11642-st-am.pdf",
"maintenance_title": "Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE version 17.18"
}
]
},
"manufacturer": "Cisco Systems, Inc.",
"manufacturer_web": "https://www.cisco.com",
"name": "Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE version 17.15",
"not_valid_after": "2027-09-29",
"not_valid_before": "2025-09-29",
"pdf_data": {
"_type": "sec_certs.sample.cc_eucc_common.PdfData",
"cert_filename": "st_vid11642-ci.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"US": {
"CCEVS-VR-VID11642-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 1
},
"VPN": {
"VPN": 1
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Lightship": {
"Lightship Security": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 2,
"Cisco Systems, Inc": 1
}
},
"vulnerability": {}
},
"cert_metadata": null,
"report_filename": "st_vid11642-vr.pdf",
"report_frontpage": {
"US": {
"cert_id": "CCEVS-VR-VID11642-2025",
"cert_item": "for the Cisco Aggregation Services Router 1000 Series (ASR1K), Cisco Catalyst 8200, 8300, 8500 Series Edge Routers (Cat8K) running IOS-XE 17.15",
"cert_lab": "US NIAP"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 3
}
},
"FF": {
"DH": {
"DH": 2
}
}
},
"cc_cert_id": {
"US": {
"CCEVS-VR-VID11642-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {},
"cc_sfr": {
"FCS": {
"FCS_CKM": 3,
"FCS_CKM.1": 3,
"FCS_CKM.2": 2,
"FCS_COP": 8,
"FCS_MKA_EXT.1": 1,
"FCS_RBG_EXT": 1
},
"FTP": {
"FTP_ITC.1": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"IKE": {
"IKE": 2,
"IKEv2": 2
},
"IPsec": {
"IPsec": 29
},
"SSH": {
"SSH": 19,
"SSHv2": 5
},
"VPN": {
"VPN": 17
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 1
},
"KEX": {
"Key Exchange": 1,
"Key exchange": 3
},
"MAC": {
"MAC": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 6,
"P-521": 2
}
},
"eval_facility": {
"Lightship": {
"Lightship Security": 6
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-256": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 1
},
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
},
"FIPS": {
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 4,
"FIPS PUB 198-1": 1
},
"ISO": {
"ISO/IEC 18031:2011": 1
},
"NIST": {
"NIST SP 800-38B": 1,
"NIST SP 800-38F": 2,
"NIST SP 800-56A": 3,
"NIST SP 800-90A": 1,
"SP 800-90": 1
},
"RFC": {
"RFC 5280": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 8,
"AES-": 1
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 2
}
}
},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 11
},
"Cisco": {
"Cisco": 103,
"Cisco Systems, Inc": 2
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Chris Thorpe",
"/CreationDate": "D:20250930162403-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20250930162403-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"pdf_file_size_bytes": 659442,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"https://www.cvedetails.com/vulnerability-search.php",
"https://www.cisco.com/security/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 33
},
"st_filename": "st_vid11642-st.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 4
},
"ECDSA": {
"ECDSA": 19
}
},
"FF": {
"DH": {
"DH": 20,
"Diffie-Hellman": 12
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN_CREDENTIALS_SECURE": 1,
"A.CONNECTIONS": 1,
"A.LIMITED_FUNCTIONALITY": 1,
"A.NO_THRU_TRAFFIC_PROTECTION": 1,
"A.PHYSICAL_PROTECTION": 2,
"A.REGULAR_UPDATES": 1,
"A.RESIDUAL_INFORMATION": 1,
"A.TRUSTED_ADMINISTRATOR": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.AUTHENTICATION": 1,
"O.AUTHENTICATION_MACSEC": 1,
"O.AUTHORIZED_ADMINISTRATION": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS_MACSEC": 1,
"O.FAIL_SECURE": 1,
"O.PORT_FILTERING": 1,
"O.PORT_FILTERING_MACSEC": 1,
"O.REPLAY_DETECTION": 1,
"O.SYSTEM_MONITORING": 1,
"O.SYSTEM_MONITORING_MACSEC": 1,
"O.TOE_ADMINISTRATION": 1,
"O.TSF_INTEGRITY": 1
},
"OE": {
"OE.ADMIN_CREDENTIALS_SECURE": 1,
"OE.CONNECTIONS": 1,
"OE.NO_GENERAL_PURPOSE": 1,
"OE.NO_THRU_TRAFFIC_PROTECTION": 1,
"OE.PHYSICAL": 1,
"OE.RESIDUAL_INFORMATION": 1,
"OE.TRUSTED_ADMIN": 1,
"OE.UPDATES": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.NETWORK_ACCESS": 1,
"T.NETWORK_DISCLOSURE": 1,
"T.NETWORK_MISUSE": 1,
"T.REPLAY_ATTACK": 1,
"T.SECURITY_FUNCTIONALITY_COMPROMISE": 1,
"T.SECURITY_FUNCTIONALITY_FAILURE": 1,
"T.UNAUTHORIZED_ADMINISTRATOR_ACCESS": 1,
"T.UNDETECTED_ACTIVITY": 1,
"T.UNTRUSTED_COMMUNICATION_CHANNELS": 1,
"T.UNTRUSTED_MACSEC_COMMUNICATION_CHANNELS": 1,
"T.UPDATE_COMPROMISE": 1,
"T.WEAK_AUTHENTICATION_ENDPOINTS": 1,
"T.WEAK_CRYPTOGRAPHY": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_FSP.1": 4
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 2,
"AGD_PRE": 1,
"AGD_PRE.1": 2
},
"ALC": {
"ALC_CMC.1": 2,
"ALC_CMS.1": 2,
"ALC_FLR.2": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.1": 1,
"ASE_REQ.1": 1,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_IND.1": 2
},
"AVA": {
"AVA_VAN.1": 2
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN": 7,
"FAU_GEN.1": 9,
"FAU_GEN.1.1": 1,
"FAU_GEN.1.2": 2,
"FAU_GEN.2": 4,
"FAU_GEN.2.1": 1,
"FAU_STG.1": 3,
"FAU_STG.1.1": 1,
"FAU_STG.1.2": 1,
"FAU_STG_EXT.1": 6,
"FAU_STG_EXT.1.1": 1,
"FAU_STG_EXT.1.2": 1,
"FAU_STG_EXT.1.3": 1,
"FAU_STG_EXT.1.4": 1,
"FAU_STG_EXT.1.5": 1,
"FAU_STG_EXT.1.6": 1
},
"FCS": {
"FCS_CKM": 7,
"FCS_CKM.1": 8,
"FCS_CKM.1.1": 1,
"FCS_CKM.2": 6,
"FCS_CKM.2.1": 1,
"FCS_CKM.4": 5,
"FCS_CKM.4.1": 1,
"FCS_COP": 33,
"FCS_COP.1": 6,
"FCS_MKA_EXT.1": 3,
"FCS_MKA_EXT.1.1": 1,
"FCS_MKA_EXT.1.2": 1,
"FCS_MKA_EXT.1.3": 1,
"FCS_MKA_EXT.1.4": 1,
"FCS_MKA_EXT.1.5": 1,
"FCS_MKA_EXT.1.6": 1,
"FCS_MKA_EXT.1.7": 3,
"FCS_NTP_EXT.1": 3,
"FCS_NTP_EXT.1.1": 1,
"FCS_NTP_EXT.1.2": 1,
"FCS_NTP_EXT.1.3": 1,
"FCS_NTP_EXT.1.4": 1,
"FCS_RBG_EXT": 1,
"FCS_RBG_EXT.1": 5,
"FCS_RBG_EXT.1.1": 1,
"FCS_RBG_EXT.1.2": 1,
"FCS_SSHS_EXT.1": 3,
"FCS_SSHS_EXT.1.1": 1,
"FCS_SSHS_EXT.1.3": 1,
"FCS_SSH_EXT.1": 5,
"FCS_SSH_EXT.1.1": 2,
"FCS_SSH_EXT.1.2": 1,
"FCS_SSH_EXT.1.3": 1,
"FCS_SSH_EXT.1.4": 1,
"FCS_SSH_EXT.1.5": 1,
"FCS_SSH_EXT.1.6": 1,
"FCS_SSH_EXT.1.7": 1,
"FCS_SSH_EXT.1.8": 1
},
"FIA": {
"FIA_AFL.1": 6,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_PMG_EXT.1": 4,
"FIA_PMG_EXT.1.1": 1,
"FIA_PSK_EXT.1": 8,
"FIA_PSK_EXT.1.1": 3,
"FIA_PSK_EXT.1.2": 2,
"FIA_PSK_EXT.2": 3,
"FIA_PSK_EXT.2.1": 1,
"FIA_PSK_EXT.3": 2,
"FIA_UAU.7": 4,
"FIA_UAU.7.1": 1,
"FIA_UIA_EXT.1": 3,
"FIA_UIA_EXT.1.1": 1,
"FIA_UIA_EXT.1.2": 1,
"FIA_UIA_EXT.1.3": 3,
"FIA_UIA_EXT.1.4": 1
},
"FMT": {
"FMT_MOF": 14,
"FMT_MOF.1": 1,
"FMT_MTD": 9,
"FMT_MTD.1": 1,
"FMT_SMF": 8,
"FMT_SMF.1": 6,
"FMT_SMF.1.1": 2,
"FMT_SMR.2": 4,
"FMT_SMR.2.1": 1,
"FMT_SMR.2.2": 1,
"FMT_SMR.2.3": 1
},
"FPT": {
"FPT_APW_EXT.1": 4,
"FPT_APW_EXT.1.1": 1,
"FPT_APW_EXT.1.2": 1,
"FPT_CAK_EXT.1": 3,
"FPT_CAK_EXT.1.1": 1,
"FPT_FLS": 3,
"FPT_FLS.1": 4,
"FPT_FLS.1.1": 1,
"FPT_ITC": 1,
"FPT_RPL.1": 6,
"FPT_RPL.1.1": 1,
"FPT_RPL_EXT.1": 3,
"FPT_RPL_EXT.1.1": 1,
"FPT_RPL_EXT.1.2": 1,
"FPT_SKP_EXT": 1,
"FPT_SKP_EXT.1": 3,
"FPT_SKP_EXT.1.1": 1,
"FPT_STM_EXT.1": 5,
"FPT_STM_EXT.1.1": 1,
"FPT_STM_EXT.1.2": 1,
"FPT_TST_EXT": 2,
"FPT_TST_EXT.1": 4,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.1.2": 1,
"FPT_TST_EXT.3": 3,
"FPT_TST_EXT.3.1": 1,
"FPT_TST_EXT.3.2": 1,
"FPT_TUD_EXT.1": 4,
"FPT_TUD_EXT.1.1": 1,
"FPT_TUD_EXT.1.2": 1,
"FPT_TUD_EXT.1.3": 1
},
"FTA": {
"FTA_SSL.3": 6,
"FTA_SSL.4": 4,
"FTA_SSL.4.1": 1,
"FTA_SSL_EXT.1": 5,
"FTA_SSL_EXT.1.1": 1,
"FTA_TAB.1": 6
},
"FTP": {
"FTP_ITC": 6,
"FTP_ITC.1": 12,
"FTP_ITC.1.2": 1,
"FTP_ITC.1.3": 1,
"FTP_TRP": 4,
"FTP_TRP.1": 3
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 13
},
"GCM": {
"GCM": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 37,
"IKEv2": 22
},
"IPsec": {
"IPsec": 95
},
"SSH": {
"SSH": 67,
"SSHv2": 14
},
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 1,
"TLS 1.2": 1
}
},
"VPN": {
"VPN": 54
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 10
},
"KEX": {
"Key Exchange": 3,
"Key exchange": 3
},
"MAC": {
"MAC": 15
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 16,
"P-384": 10,
"P-521": 4
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 5,
"SHA-384": 2,
"SHA-512": 4,
"SHA256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 7
},
"RNG": {
"RBG": 4,
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 2,
"FIPS 186-5": 1,
"FIPS PUB 140-2": 1,
"FIPS PUB 180-3": 2,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 13,
"FIPS PUB 186-5": 8,
"FIPS PUB 198-1": 2
},
"ISO": {
"ISO/IEC 14888-3": 3,
"ISO/IEC 18031:2011": 4,
"ISO/IEC 9796-2": 2
},
"NIST": {
"NIST SP 800-186": 1,
"NIST SP 800-38B": 4,
"NIST SP 800-38F": 4,
"NIST SP 800-56A": 5,
"NIST SP 800-57": 1,
"NIST SP 800-90A": 2,
"SP 800-90": 2
},
"PKCS": {
"PKCS #1": 2,
"PKCS12": 1
},
"RFC": {
"RFC 2986": 1,
"RFC 3526": 5,
"RFC 3602": 6,
"RFC 4106": 5,
"RFC 4252": 2,
"RFC 4253": 4,
"RFC 4301": 2,
"RFC 4303": 2,
"RFC 4868": 1,
"RFC 4945": 1,
"RFC 5114": 2,
"RFC 5280": 5,
"RFC 5282": 1,
"RFC 5647": 1,
"RFC 5656": 8,
"RFC 5759": 1,
"RFC 5905": 1,
"RFC 6668": 2,
"RFC 7296": 2,
"RFC 768": 2,
"RFC 791": 2,
"RFC 793": 2,
"RFC 8200": 2,
"RFC 8332": 4,
"RFC 8603": 1,
"RFC 8784": 3
},
"X509": {
"X.509": 9
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 64,
"AES-": 2,
"AES-128": 1,
"AES-256": 2
}
},
"DES": {
"3DES": {
"3DES": 1
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 9,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 4,
"HMAC-SHA-512": 6
}
}
},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 20
},
"Cisco": {
"Cisco": 161,
"Cisco Systems, Inc": 4
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Cisco CC TME",
"/CreationDate": "D:20250930173350-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20250930173350-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"/Title": "VID11642-ST",
"pdf_file_size_bytes": 935653,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.cisco.com/en/US/partner/docs/general/whatsnew/whatsnew.html",
"https://www.niap-ccevs.org/static_html/protection-profile/481/481/index.html#period_81",
"http://www.cisco.com/cisco/software/navigator.html",
"http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html",
"http://www.cisco.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 90
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pkg_ssh_v1.0.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_MACSEC_V1.0.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_VPNGW_v1.3.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/NDcPP_v3_0e.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11642-vr.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": []
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11642-st.pdf",
"state": {
"_type": "sec_certs.sample.cc_eucc_common.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": false,
"json_hash": null,
"pdf_hash": "20a1cca76a14a7c2f41b08ed468c59c8c2635da2d60c04024dc5f5d302928d4c",
"txt_hash": "86157193107cda0a1fb28aa9f40a5df14da9817875940b77c70f8eb3b3fcb51d"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "55d5abd21ef99a2418df5b1b97950f819b4a140d46fb14d0c882fefa7609d493",
"txt_hash": "d6463d91d9de0b4fff1ebbd98a5120a9eb823d8695a616bcc6f1f20a7aeafa96"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "c4d6dafd18ed31c57858f7c37bbb12f719fc22c5294c64cb263667e80d5e40e2",
"txt_hash": "81cde03415638c12b1f9666b2b7b3ede7f617d86c5797df3ffcaeb6081cf10d8"
}
},
"status": "active"
}