SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1)

This certificate has known related CVEs, which means that the certified product might be vulnerable.

CSV information ?

Status archived
Valid from 15.02.2017
Valid until 15.02.2022
Scheme 🇯🇵 JP
Manufacturer Microsoft Corporation
Category Databases
Security level EAL2+, ALC_FLR.2
Protection profiles

Heuristics summary ?

Certificate ID: JISEC-CC-CRP-C0537

Certificate ?

Extracted keywords

Vendor
Microsoft Corporation

Security level
EAL2
Security Assurance Requirements (SAR)
ALC_FLR.2
Evaluation facilities
TÜV Informationstechnik

File metadata

Creation date D:20170316155916+09'00'
Modification date D:20170316160045+09'00'
Pages 1
Creator Microsoft® Word 2010
Producer Microsoft® Word 2010

Certification report ?

Extracted keywords

Vendor
Microsoft Corporation, Microsoft

Security level
EAL2, EAL2+, EAL2 augmented
Claims
T.ACCESS_TSFDATA, T.ACCESS_TSFFUNC, T.IA_MASQUERADE, T.IA_USER, T.RESIDUAL_DATA, T.TSF_COMPROMISE, T.UNAUTHORIZED_, A.PHYSICAL, A.AUTHUSER, A.MANAGE, A.TRAINEDUSER, A.NO_GENERAL_, A.SUPPORT, A.CONNECT
Security Assurance Requirements (SAR)
ALC_FLR.2
Certificates
CRP-C0537-01, Certification No. C0537
Evaluation facilities
TÜV Informationstechnik

Standards
CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004

File metadata

Creation date D:20170316160424+09'00'
Modification date D:20170316160534+09'00'
Pages 33
Creator Microsoft® Word 2010
Producer Microsoft® Word 2010

Security target ?

Extracted keywords

Hash functions
SHA-1

Trusted Execution Environments
SE
Vendor
Microsoft Corporation, Microsoft

Security level
EAL2+, EAL2, EAL 2, EAL2 augmented, EAL 2 augmented
Claims
O.ACCESS_HISTORY, O.ADMIN_ROLE, O.AUDIT_GENERATION, O.DISCRETIONARY_ACCESS, O.MANAGE, O.MEDIATE, O.RESIDUAL_INFORMATION, O.TOE_ACCESS, O.AUDIT_GENERATI, O.DISCRETIONARY_, O.RESIDUAL_INFOR, T.ACCESS_TSFDATA, T.ACCESS_TSFFUNC, T.IA_MASQUERADE, T.IA_USER, T.RESIDUAL_DATA, T.TSF_COMPROMISE, T.UNAUTHORIZED_ACCESS, A.PHYSICAL, A.AUTHUSER, A.MANAGE, A.TRAINEDUSER, A.NO_GENERAL_PURPOSE, A.SUPPORT, A.CONNECT, OE.ADMIN, OE.INFO_PROTECT, OE.NO_GENERAL_, OE.PHYSICAL, OE.IT_REMOTE, OE.IT_TRUSTED_SYSTEM, OE.NO_GENERAL_PURPOSE
Security Assurance Requirements (SAR)
AGD_ADD, ALC_FLR.2
Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN.2, FAU_SEL.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_SEL.1.1, FDP_ACC.1, FDP_ACF.1, FDP_RIP.1, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_RIP.1.1, FDP_IFC.1, FIA_USB.1, FIA_ATD.1, FIA_UAU.1, FIA_UID.1, FIA_ATD.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UID.1.1, FIA_UID.1.2, FMT_MOF.1, FMT_MSA.1, FMT_MSA.3, FMT_MTD.1, FMT_REV.1, FMT_SMF.1, FMT_SMR.1, FMT_MOF.1.1, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1.1, FMT_REV.1.1, FMT_REV.1.2, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_TRC.1, FPT_TRC.1.1, FPT_TRC.1.2, FPT_STM.1, FPT_ITT.1, FTA_MCS.1, FTA_TSE.1, FTA_MCS.1.1, FTA_MCS.1.2, FTA_TSE.1.1, FTA_TAH

File metadata

Title Security Target - SQL Server 2016
Subject Security Target
Keywords CC, ST, Common Criteria, SQL, Security Target, DBMS, Database Management System
Author SQL Team
Creation date D:20161221140607+01'00'
Modification date D:20161221140607+01'00'
Pages 65
Creator Microsoft® Word 2010
Producer Microsoft® Word 2010

Heuristics ?

Certificate ID: JISEC-CC-CRP-C0537

Extracted SARs

ALC_FLR.2

Related CVEs

ID Links Severity CVSS Score Published on
Base Exploitability Impact
CVE-2024-21449
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-35256
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-35271
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-35272
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37318
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37319
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37320
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37321
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37322
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37323
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37324
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37326
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37327
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37328
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37329
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37330
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37331
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37332
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37333
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-37336
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-38087
C M N
HIGH 8.8 5.9 09.07.2024 17:15
CVE-2024-38088
C M N
HIGH 8.8 5.9 09.07.2024 17:15
Showing 5 out of 22.

Similar certificates

Name Certificate ID
Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version 11.0.3000.0 (including Service Pack 1) BSI-DSZ-CC-0811-2013 Compare
Microsoft SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 BSI-DSZ-CC-1004-2017 Compare
Microsoft SQL Server 2019 Database Engine Enterprise Edition x64 (English), version 15.0.4033.1 2019-44-INF-3227 Compare
Microsoft SQL Server 2019 Database Engine Enterprise Edition x64 (English), version 15.0.4178.1 2019-45-INF-3781 Compare
Microsoft SQL Server 2022 Database Engine Enterprise Edition x64 (English), version 16.0.4025.1 2022-34-INF-4109 Compare
Microsoft SQL Server 2019 on Linux Database Engine Enterprise Edition x64 (English), version 15.0.4033.1 2019-43-INF-3225 Compare
Database Engine of Microsoft SQL Server 2008 Enterprise Edition (English) x86 and x64, Version / Built 10.0.4000.0 BSI-DSZ-CC-0591-2011 Compare
Database Engine of Microsoft SQL Server 2008 R2 Enterprise Edition and Datacenter Edition (English) x64, Version 10.50.2500.0 BSI-DSZ-CC-0698-2012 Compare
Microsoft SQL Server 2014 Database Engine Enterprise Edition x64 (English)12.0.2000.8 JISEC-CC-CRP-C0475 Compare
Microsoft SQL Server 2017 Database Engine Enterprise Edition x64 (English) Version 14.0.3223.3 BSI-DSZ-CC-1050-2020 Compare
Microsoft SQL Server 2022 Database Engine Enterprise Edition x64 (English) version 16.0.4105.2 2022-36-INF-4306 Compare
Microsoft SQL Server 2012 Database Engine Enterprise Edition x64 (English), Version:11.0.2100.60 JISEC-CC-CRP-C0371 Compare
Microsoft SQL Server 2022 on Linux Database Engine Enterprise Edition x64 (English) version 16.0.4105.2 2022-33-INF-4305 Compare
Showing 5 out of 13.

Scheme data ?

Cert Id JISEC-CC-CRP-C0537
Supplier Microsoft Corporation
Toe Overseas Name SQL Server 2016 Database Engine Enterprise Edition x64 (English)13.0.4001.0 (including Service Pack 1)
Expiration Date 01.03.2022
Claim EAL2+ALC_FLR.2 PP
Certification Date 01.02.2017
Toe Overseas Link https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0537_it5563.html
Toe Japan Name -----
Enhanced
Product SQL Server 2016 Database Engine Enterprise Edition x64 (English)
Toe Version 13.0.4001.0 (including Service Pack 1)
Product Type Database Management System (DBMS)
Cc Version 3.1 Release4
Assurance Level EAL2 Augmented with ALC_FLR.2
Protection Profile Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07
Vendor Microsoft Corporation
Evaluation Facility TÜV Informationstechnik GmbH, Evaluation Body for IT-Security
Report Link https://www.ipa.go.jp/en/security/c0537_erpt.pdf
Cert Link https://www.ipa.go.jp/en/security/c0537_eimg.pdf
Target Link https://www.ipa.go.jp/en/security/c0537_est.pdf
Description PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.

References ?

No references are available for this certificate.

Updates ?

  • 21.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'prev_certificates': [], 'next_certificates': []}.
  • 09.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The scheme_data property was updated, with the {'cert_id': 'JISEC-CC-CRP-C0537', 'expiration_date': '2022-03-01', 'claim': 'EAL2+ALC_FLR.2 PP', 'certification_date': '2017-02-01', 'enhanced': {'__update__': {'evaluation_facility': 'TÜV Informationstechnik GmbH, Evaluation Body for IT-Security', 'description': 'PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.'}, '__delete__': ['certification_date']}} data.
  • 17.10.2024 The certificate data changed.
    Certificate changed

    The Protection Profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Base Protection Profile for Database Management Systems', 'pp_eal': 'EAL2+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0088b_pdf.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['DBMS_PP']}}]}.
  • 14.10.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was set to {'_type': 'Set', 'elements': ['cpe:2.3:a:microsoft:sql_server_2016:13.0.4001.0:*:*:*:*:*:*:*']}.
    • The related_cves property was set to {'_type': 'Set', 'elements': ['CVE-2024-37329', 'CVE-2024-37331', 'CVE-2024-37326', 'CVE-2024-35272', 'CVE-2024-37336', 'CVE-2024-35256', 'CVE-2024-35271', 'CVE-2024-37321', 'CVE-2024-21449', 'CVE-2024-37324', 'CVE-2024-37323', 'CVE-2024-37332', 'CVE-2024-37328', 'CVE-2024-38087', 'CVE-2024-37319', 'CVE-2024-37322', 'CVE-2024-37320', 'CVE-2024-37327', 'CVE-2024-38088', 'CVE-2024-37330', 'CVE-2024-37333', 'CVE-2024-37318']}.
    • The scheme_data property was set to {'cert_id': 'C0537', 'supplier': 'Microsoft Corporation', 'toe_overseas_name': 'SQL Server 2016 Database Engine Enterprise Edition x64 (English)13.0.4001.0 (including Service Pack 1)', 'expiration_date': '2022-03', 'claim': 'EAL2+ALC_FLR.2 PP', 'certification_date': '2017-02', 'toe_overseas_link': 'https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0537_it5563.html', 'toe_japan_name': '-----', 'enhanced': {'product': 'SQL Server 2016 Database Engine Enterprise Edition x64 (English)', 'toe_version': '13.0.4001.0 (including Service Pack 1)', 'product_type': 'Database Management System (DBMS)', 'certification_date': '2017-02-15', 'cc_version': '3.1 Release4', 'assurance_level': 'EAL2 Augmented with ALC_FLR.2', 'protection_profile': 'Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07', 'vendor': 'Microsoft Corporation', 'evaluation_facility': 'TÜV Informationstechnik GmbH, \n Evaluation Body for IT-Security', 'report_link': 'https://www.ipa.go.jp/en/security/c0537_erpt.pdf', 'cert_link': 'https://www.ipa.go.jp/en/security/c0537_eimg.pdf', 'target_link': 'https://www.ipa.go.jp/en/security/c0537_est.pdf', 'description': 'PRODUCT DESCRIPTION \n Description of TOE \n The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. \n \n TOE security functionality \n This TOE provides the following security functionality: \n \n \n \n - \n The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. \n \n \n - \n The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. \n \n \n - \n The Security Audit function of the TOE produces log files about all security relevant events. \n \n \n - \n The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. \n \n \n - \n The Identification and Authentication function of the TOE is able to identify and authenticate users. \n \n \n - \n The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.'}}.
  • 30.09.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The scheme_data property was set to None.
  • 22.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'c01e18dbdad0c499dc46b42ce4d19384899797a509f8647ca809715d05dc16ec', 'txt_hash': 'ea6efabb475d8107b300bf1572a0e13a8d393ace9dc5452dc1f81ba225faa42f'} data.
    • The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'f0c8433c7f20b1ce5fd24304cff9661223f1afad4e63512f2605f1e794bb47cb', 'txt_hash': '366a3938d32ee8c03f1719b4490a4ee05c88db9451aabecfbb21752a48f9ce6d'} data.
    • The cert property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'e06b4bf851a233995c42ea3442c808670fa41d0a9623dcc6edcb29d625e31239', 'txt_hash': 'd6f03332aaf99dee97c2c1bee96bfbe235b26ac32e9ddd3df2b047a8bda650ba'} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 240723, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 33, '/CreationDate': "D:20170316160424+09'00'", '/Creator': 'Microsoft® Word 2010', '/ModDate': "D:20170316160534+09'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The st_metadata property was set to {'pdf_file_size_bytes': 1446524, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 65, '/Title': 'Security Target - SQL Server 2016', '/Author': 'SQL Team', '/Subject': 'Security Target', '/Keywords': 'CC, ST, Common Criteria, SQL, Security Target, DBMS, Database Management System', '/Creator': 'Microsoft® Word 2010', '/CreationDate': "D:20161221140607+01'00'", '/ModDate': "D:20161221140607+01'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.microsoft.com/sqlserver/en/us/common-criteria.aspx', 'https://www.microsoft.com/licensing/servicecenter/default.aspx']}}.
    • The cert_metadata property was set to {'pdf_file_size_bytes': 415538, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 1, '/CreationDate': "D:20170316155916+09'00'", '/Creator': 'Microsoft® Word 2010', '/ModDate': "D:20170316160045+09'00'", '/Producer': 'Microsoft® Word 2010', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The report_frontpage property was set to {}.
    • The report_keywords property was set to {'cc_cert_id': {'JP': {'CRP-C0537-01': 1, 'Certification No. C0537': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 4, 'EAL2+': 2, 'EAL2 augmented': 3}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 4}}, 'cc_sfr': {}, 'cc_claims': {'T': {'T.ACCESS_TSFDATA': 1, 'T.ACCESS_TSFFUNC': 1, 'T.IA_MASQUERADE': 1, 'T.IA_USER': 1, 'T.RESIDUAL_DATA': 1, 'T.TSF_COMPROMISE': 1, 'T.UNAUTHORIZED_': 1}, 'A': {'A.PHYSICAL': 1, 'A.AUTHUSER': 1, 'A.MANAGE': 1, 'A.TRAINEDUSER': 1, 'A.NO_GENERAL_': 1, 'A.SUPPORT': 1, 'A.CONNECT': 1}}, 'vendor': {'Microsoft': {'Microsoft Corporation': 7, 'Microsoft': 5}}, 'eval_facility': {'TUV': {'TÜV Informationstechnik': 4}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'CC': {'CCMB-2012-09-001': 2, 'CCMB-2012-09-002': 2, 'CCMB-2012-09-003': 2, 'CCMB-2012-09-004': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2+': 66, 'EAL2': 1, 'EAL 2': 3, 'EAL2 augmented': 1, 'EAL 2 augmented': 1}}, 'cc_sar': {'AGD': {'AGD_ADD': 3}, 'ALC': {'ALC_FLR.2': 4}}, 'cc_sfr': {'FAU': {'FAU_GEN.1': 9, 'FAU_GEN.2': 6, 'FAU_SEL.1': 7, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1, 'FAU_GEN.2.1': 1, 'FAU_SEL.1.1': 1}, 'FDP': {'FDP_ACC.1': 15, 'FDP_ACF.1': 8, 'FDP_RIP.1': 6, 'FDP_ACC.1.1': 1, 'FDP_ACF.1.1': 2, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 1, 'FDP_ACF.1.4': 1, 'FDP_RIP.1.1': 1, 'FDP_IFC.1': 1}, 'FIA': {'FIA_USB.1': 5, 'FIA_ATD.1': 15, 'FIA_UAU.1': 7, 'FIA_UID.1': 14, 'FIA_ATD.1.1': 3, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1}, 'FMT': {'FMT_MOF.1': 6, 'FMT_MSA.1': 7, 'FMT_MSA.3': 8, 'FMT_MTD.1': 6, 'FMT_REV.1': 12, 'FMT_SMF.1': 11, 'FMT_SMR.1': 18, 'FMT_MOF.1.1': 1, 'FMT_MSA.1.1': 1, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_MTD.1.1': 1, 'FMT_REV.1.1': 2, 'FMT_REV.1.2': 2, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1}, 'FPT': {'FPT_TRC.1': 6, 'FPT_TRC.1.1': 1, 'FPT_TRC.1.2': 1, 'FPT_STM.1': 1, 'FPT_ITT.1': 1}, 'FTA': {'FTA_MCS.1': 7, 'FTA_TSE.1': 6, 'FTA_MCS.1.1': 1, 'FTA_MCS.1.2': 1, 'FTA_TSE.1.1': 1, 'FTA_TAH': 1}}, 'cc_claims': {'O': {'O.ACCESS_HISTORY': 9, 'O.ADMIN_ROLE': 8, 'O.AUDIT_GENERATION': 6, 'O.DISCRETIONARY_ACCESS': 5, 'O.MANAGE': 11, 'O.MEDIATE': 8, 'O.RESIDUAL_INFORMATION': 8, 'O.TOE_ACCESS': 18, 'O.AUDIT_GENERATI': 1, 'O.DISCRETIONARY_': 1, 'O.RESIDUAL_INFOR': 1}, 'T': {'T.ACCESS_TSFDATA': 3, 'T.ACCESS_TSFFUNC': 3, 'T.IA_MASQUERADE': 4, 'T.IA_USER': 3, 'T.RESIDUAL_DATA': 3, 'T.TSF_COMPROMISE': 4, 'T.UNAUTHORIZED_ACCESS': 4}, 'A': {'A.PHYSICAL': 3, 'A.AUTHUSER': 3, 'A.MANAGE': 3, 'A.TRAINEDUSER': 3, 'A.NO_GENERAL_PURPOSE': 3, 'A.SUPPORT': 4, 'A.CONNECT': 4}, 'OE': {'OE.ADMIN': 12, 'OE.INFO_PROTECT': 19, 'OE.NO_GENERAL_': 2, 'OE.PHYSICAL': 8, 'OE.IT_REMOTE': 10, 'OE.IT_TRUSTED_SYSTEM': 9, 'OE.NO_GENERAL_PURPOSE': 6}}, 'vendor': {'Microsoft': {'Microsoft Corporation': 3, 'Microsoft': 10}}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 1}}}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 3}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The cert_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL2': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Microsoft': {'Microsoft Corporation': 1}}, 'eval_facility': {'TUV': {'TÜV Informationstechnik': 1}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The report_filename property was set to c0537_erpt.pdf.
    • The st_filename property was set to c0537_est.pdf.
    • The cert_filename property was set to c0537_eimg.pdf.

    The computed heuristics were updated.

    • The cert_id property was set to JISEC-CC-CRP-C0537.
  • 17.08.2024 The certificate data changed.
    Certificate changed

    The report_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_erpt.pdf.

    The st_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_est.pdf.

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
    • The cert property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to None.
    • The cert_metadata property was set to None.
    • The report_frontpage property was set to None.
    • The report_keywords property was set to None.
    • The cert_keywords property was set to None.
    • The report_filename property was set to None.
    • The cert_filename property was set to None.

    The computed heuristics were updated.

    • The cert_id property was set to None.
  • 12.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.
  • 23.07.2024 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1) was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Databases",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_eimg.pdf",
  "dgst": "a43cc3e7f97cf843",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "JISEC-CC-CRP-C0537",
    "cert_lab": null,
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:a:microsoft:sql_server_2016:13.0.4001.0:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 2
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "13.0.4001.0"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": [],
    "prev_certificates": [],
    "related_cves": {
      "_type": "Set",
      "elements": [
        "CVE-2024-37336",
        "CVE-2024-37318",
        "CVE-2024-37332",
        "CVE-2024-37320",
        "CVE-2024-37319",
        "CVE-2024-35272",
        "CVE-2024-35271",
        "CVE-2024-37323",
        "CVE-2024-37326",
        "CVE-2024-37324",
        "CVE-2024-37331",
        "CVE-2024-37328",
        "CVE-2024-38087",
        "CVE-2024-37330",
        "CVE-2024-38088",
        "CVE-2024-21449",
        "CVE-2024-37329",
        "CVE-2024-35256",
        "CVE-2024-37322",
        "CVE-2024-37327",
        "CVE-2024-37333",
        "CVE-2024-37321"
      ]
    },
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": {
      "cert_id": "JISEC-CC-CRP-C0537",
      "certification_date": "2017-02-01",
      "claim": "EAL2+ALC_FLR.2 PP",
      "enhanced": {
        "assurance_level": "EAL2 Augmented with ALC_FLR.2",
        "cc_version": "3.1 Release4",
        "cert_link": "https://www.ipa.go.jp/en/security/c0537_eimg.pdf",
        "description": "PRODUCT DESCRIPTION Description of TOE The TOE is the database engine of SQL Server 2016. SQL Server is a Database Management System (DBMS). The TOE has been developed as the core module of the DBMS to store and manage data in a secure way. TOE security functionality This TOE provides the following security functionality: - The Access Control function of the TOE controls the access of users to user data and metadata stored in the TOE. - The Session Handling function of the TOE limits the possibilities of users to establish sessions with the TOE. - The Security Audit function of the TOE produces log files about all security relevant events. - The Security Management function allows authorized administrators to manage the behavior of the security functionality of the TOE. - The Identification and Authentication function of the TOE is able to identify and authenticate users. - The Residual Information Protection function of the TOE overwrites the residual information on the memory that will be used for user sessions.",
        "evaluation_facility": "T\u00dcV Informationstechnik GmbH, Evaluation Body for IT-Security",
        "product": "SQL Server 2016 Database Engine Enterprise Edition x64 (English)",
        "product_type": "Database Management System (DBMS)",
        "protection_profile": "Base Protection Profile for Database Management Systems (DBMS PP), Version 2.07",
        "report_link": "https://www.ipa.go.jp/en/security/c0537_erpt.pdf",
        "target_link": "https://www.ipa.go.jp/en/security/c0537_est.pdf",
        "toe_version": "13.0.4001.0 (including Service Pack 1)",
        "vendor": "Microsoft Corporation"
      },
      "expiration_date": "2022-03-01",
      "supplier": "Microsoft Corporation",
      "toe_japan_name": "-----",
      "toe_overseas_link": "https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0537_it5563.html",
      "toe_overseas_name": "SQL Server 2016 Database Engine Enterprise Edition x64 (English)13.0.4001.0 (including Service Pack 1)"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Microsoft Corporation",
  "manufacturer_web": "https://www.microsoft.com",
  "name": "SQL Server 2016 Database Engine Enterprise Edition x64 (English) 13.0.4001.0 (including Service Pack 1)",
  "not_valid_after": "2022-02-15",
  "not_valid_before": "2017-02-15",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": "c0537_eimg.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR.2": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL2": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "TUV": {
          "T\u00dcV Informationstechnik": 1
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft Corporation": 1
        }
      },
      "vulnerability": {}
    },
    "cert_metadata": {
      "/CreationDate": "D:20170316155916+09\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2010",
      "/ModDate": "D:20170316160045+09\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2010",
      "pdf_file_size_bytes": 415538,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": true,
      "pdf_number_of_pages": 1
    },
    "report_filename": "c0537_erpt.pdf",
    "report_frontpage": {},
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "JP": {
          "CRP-C0537-01": 1,
          "Certification No. C0537": 1
        }
      },
      "cc_claims": {
        "A": {
          "A.AUTHUSER": 1,
          "A.CONNECT": 1,
          "A.MANAGE": 1,
          "A.NO_GENERAL_": 1,
          "A.PHYSICAL": 1,
          "A.SUPPORT": 1,
          "A.TRAINEDUSER": 1
        },
        "T": {
          "T.ACCESS_TSFDATA": 1,
          "T.ACCESS_TSFFUNC": 1,
          "T.IA_MASQUERADE": 1,
          "T.IA_USER": 1,
          "T.RESIDUAL_DATA": 1,
          "T.TSF_COMPROMISE": 1,
          "T.UNAUTHORIZED_": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR.2": 4
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL2": 4,
          "EAL2 augmented": 3,
          "EAL2+": 2
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "TUV": {
          "T\u00dcV Informationstechnik": 4
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2012-09-001": 2,
          "CCMB-2012-09-002": 2,
          "CCMB-2012-09-003": 2,
          "CCMB-2012-09-004": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 5,
          "Microsoft Corporation": 7
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/CreationDate": "D:20170316160424+09\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2010",
      "/ModDate": "D:20170316160534+09\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2010",
      "pdf_file_size_bytes": 240723,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": true,
      "pdf_number_of_pages": 33
    },
    "st_filename": "c0537_est.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.AUTHUSER": 3,
          "A.CONNECT": 4,
          "A.MANAGE": 3,
          "A.NO_GENERAL_PURPOSE": 3,
          "A.PHYSICAL": 3,
          "A.SUPPORT": 4,
          "A.TRAINEDUSER": 3
        },
        "O": {
          "O.ACCESS_HISTORY": 9,
          "O.ADMIN_ROLE": 8,
          "O.AUDIT_GENERATI": 1,
          "O.AUDIT_GENERATION": 6,
          "O.DISCRETIONARY_": 1,
          "O.DISCRETIONARY_ACCESS": 5,
          "O.MANAGE": 11,
          "O.MEDIATE": 8,
          "O.RESIDUAL_INFOR": 1,
          "O.RESIDUAL_INFORMATION": 8,
          "O.TOE_ACCESS": 18
        },
        "OE": {
          "OE.ADMIN": 12,
          "OE.INFO_PROTECT": 19,
          "OE.IT_REMOTE": 10,
          "OE.IT_TRUSTED_SYSTEM": 9,
          "OE.NO_GENERAL_": 2,
          "OE.NO_GENERAL_PURPOSE": 6,
          "OE.PHYSICAL": 8
        },
        "T": {
          "T.ACCESS_TSFDATA": 3,
          "T.ACCESS_TSFFUNC": 3,
          "T.IA_MASQUERADE": 4,
          "T.IA_USER": 3,
          "T.RESIDUAL_DATA": 3,
          "T.TSF_COMPROMISE": 4,
          "T.UNAUTHORIZED_ACCESS": 4
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "AGD": {
          "AGD_ADD": 3
        },
        "ALC": {
          "ALC_FLR.2": 4
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 3,
          "EAL 2 augmented": 1,
          "EAL2": 1,
          "EAL2 augmented": 1,
          "EAL2+": 66
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN.1": 9,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1,
          "FAU_GEN.2": 6,
          "FAU_GEN.2.1": 1,
          "FAU_SEL.1": 7,
          "FAU_SEL.1.1": 1
        },
        "FDP": {
          "FDP_ACC.1": 15,
          "FDP_ACC.1.1": 1,
          "FDP_ACF.1": 8,
          "FDP_ACF.1.1": 2,
          "FDP_ACF.1.2": 1,
          "FDP_ACF.1.3": 1,
          "FDP_ACF.1.4": 1,
          "FDP_IFC.1": 1,
          "FDP_RIP.1": 6,
          "FDP_RIP.1.1": 1
        },
        "FIA": {
          "FIA_ATD.1": 15,
          "FIA_ATD.1.1": 3,
          "FIA_UAU.1": 7,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UID.1": 14,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1,
          "FIA_USB.1": 5
        },
        "FMT": {
          "FMT_MOF.1": 6,
          "FMT_MOF.1.1": 1,
          "FMT_MSA.1": 7,
          "FMT_MSA.1.1": 1,
          "FMT_MSA.3": 8,
          "FMT_MSA.3.1": 1,
          "FMT_MSA.3.2": 1,
          "FMT_MTD.1": 6,
          "FMT_MTD.1.1": 1,
          "FMT_REV.1": 12,
          "FMT_REV.1.1": 2,
          "FMT_REV.1.2": 2,
          "FMT_SMF.1": 11,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 18,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FPT": {
          "FPT_ITT.1": 1,
          "FPT_STM.1": 1,
          "FPT_TRC.1": 6,
          "FPT_TRC.1.1": 1,
          "FPT_TRC.1.2": 1
        },
        "FTA": {
          "FTA_MCS.1": 7,
          "FTA_MCS.1.1": 1,
          "FTA_MCS.1.2": 1,
          "FTA_TAH": 1,
          "FTA_TSE.1": 6,
          "FTA_TSE.1.1": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {
        "IBM": {
          "SE": 3
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 10,
          "Microsoft Corporation": 3
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "SQL Team",
      "/CreationDate": "D:20161221140607+01\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2010",
      "/Keywords": "CC, ST, Common Criteria, SQL, Security Target, DBMS, Database Management System",
      "/ModDate": "D:20161221140607+01\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2010",
      "/Subject": "Security Target",
      "/Title": "Security Target - SQL Server 2016",
      "pdf_file_size_bytes": 1446524,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.microsoft.com/licensing/servicecenter/default.aspx",
          "https://www.microsoft.com/sqlserver/en/us/common-criteria.aspx"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 65
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
        "pp_eal": "EAL2+",
        "pp_ids": {
          "_type": "Set",
          "elements": [
            "DBMS_PP"
          ]
        },
        "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp0088b_pdf.pdf",
        "pp_name": "Base Protection Profile for Database Management Systems"
      }
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_erpt.pdf",
  "scheme": "JP",
  "security_level": {
    "_type": "Set",
    "elements": [
      "ALC_FLR.2",
      "EAL2+"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0537_est.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "e06b4bf851a233995c42ea3442c808670fa41d0a9623dcc6edcb29d625e31239",
      "txt_hash": "d6f03332aaf99dee97c2c1bee96bfbe235b26ac32e9ddd3df2b047a8bda650ba"
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "c01e18dbdad0c499dc46b42ce4d19384899797a509f8647ca809715d05dc16ec",
      "txt_hash": "ea6efabb475d8107b300bf1572a0e13a8d393ace9dc5452dc1f81ba225faa42f"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "f0c8433c7f20b1ce5fd24304cff9661223f1afad4e63512f2605f1e794bb47cb",
      "txt_hash": "366a3938d32ee8c03f1719b4490a4ee05c88db9451aabecfbb21752a48f9ce6d"
    }
  },
  "status": "archived"
}