| name |
Fortinet Fortiweb 5.6 |
uCosminexus Application Server 07-00 |
| category |
Network and Network-Related Devices and Systems |
Access Control Devices and Systems |
| scheme |
CA |
JP |
| status |
archived |
archived |
| not_valid_after |
05.12.2022 |
07.10.2013 |
| not_valid_before |
05.12.2017 |
22.03.2007 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/383-4-425%20CT%20v1.0e.pdf |
|
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/383-4-425%20CR%20v1.0e.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0086_ecvr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/383-4-425%20ST%20v1.10.pdf |
|
| manufacturer |
Fortinet, Inc. |
Hitachi, Ltd. |
| manufacturer_web |
https://www.fortinet.com/ |
https://www.hitachi.com/ |
| security_level |
{} |
EAL2+, ALC_FLR.1 |
| dgst |
2f43218020fc327c |
3a2713aa094e7f64 |
| heuristics/cert_id |
383-4-425 |
JISEC-CC-CRP-C0086 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
cpe:2.3:a:fortinet:fortiweb:5.6.1:*:*:*:*:*:*:*, cpe:2.3:a:fortinet:fortiweb:5.6.0:*:*:*:*:*:*:*, cpe:2.3:a:fortinet:fortiweb:5.6.2:*:*:*:*:*:*:* |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
CVE-2017-7736, CVE-2019-16157, CVE-2021-22122, CVE-2017-3129, CVE-2017-7737, CVE-2020-29019, CVE-2023-25602, CVE-2019-5590, CVE-2021-36182, CVE-2021-42756, CVE-2020-29015, CVE-2021-36193, CVE-2021-42757, CVE-2020-29016, CVE-2021-42761, CVE-2021-36179, CVE-2020-6646, CVE-2017-14191 |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_TSS.1, ADV_FSP.1, ALC_CMC.1, ASE_INT.1, ASE_SPD.1, ASE_OBJ.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, ASE_REQ.1, ASE_CCL.1, ASE_ECD.1, AGD_PRE.1 |
ALC_FLR.1 |
| heuristics/extracted_versions |
5.6 |
07, 00 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
- cert_id: JISEC-CC-CRP-C0234
- certification_date: 01.08.2009
- claim: EAL2+ ALC_FLR.1
- enhanced:
- assurance_level: EAL2 Augmented with ALC_FLR.1
- cc_version: 3.1
- description: PRODUCT DESCRIPTION Description of TOE TOE is a Web application server software product that is a J2EE(TM) (Java(TM) 2 Platform, Enterprise Edition)-compliant. TOE provides runtime and management environments. The product, that includes TOE, is mainly consist of Web container and EJB(TM) container that is Java 2 Platform, Enterprise Edition 1.4 compatible platform. And it also includes various software to execute and manage J2EE-compliant Java applications. It improves availability and reliability of the business application system, and provides several functions in order to manage business application system efficiently. TOE security functionality Security functions provided by TOE are as follows: - User identification and authentication This function uses user ID and password for user identification and authentication. - Access control This function provides access control for both Web and EJB container objects by using authenticated user information. - Security management This function manages information of user identification and authentication, access control information, and access control permitted to an application.
- evaluation_facility: Mizuho Information & Research Institute, Inc. Center for Evaluation of Information Security
- product: uCosminexus Application Server
- product_type: Application Server
- toe_version: 08-00
- vendor: Hitachi, Ltd.
- expiration_date: 01.08.2014
- supplier: Hitachi, Ltd.
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0234_it9250.html
- toe_japan_name: uCosminexus Application Server 08-00
- toe_overseas_link: None
- toe_overseas_name: -----
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
c7cf611c6bb1e4b0 |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V1.0.pdf |
{} |
| pdf_data/cert_filename |
383-4-425 CT v1.0e.pdf |
|
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /Author: Clark, Cory P.
- /Company: CSEC
- /CreationDate: D:20171214084924-05'00'
- /Creator: Acrobat PDFMaker 11 for Word
- /ModDate: D:20171214084926-05'00'
- /Producer: Adobe PDF Library 11.0
- /SourceModified: D:20171206151714
- pdf_file_size_bytes: 203992
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
|
| pdf_data/report_filename |
383-4-425 CR v1.0e.pdf |
c0086_ecvr.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
|
- JP:
- Certification No. C0086: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- FIPS:
- FIPS 180-3: 1
- FIPS 186-4: 1
- FIPS 197: 1
- FIPS 198: 1
- ISO:
- NIST:
- SP 800-56A: 2
- SP 800-90A: 1
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /Author: Clark, Cory P.
- /Comments: V1.0
- /Company: CSEC
- /CreationDate: D:20171214084859-05'00'
- /Creator: Acrobat PDFMaker 11 for Word
- /ModDate: D:20171214084903-05'00'
- /Producer: Adobe PDF Library 11.0
- /SourceModified: D:20171214134846
- /Title: 383-4-XXX CR v0.1
- pdf_file_size_bytes: 250668
- pdf_hyperlinks: mailto:[email protected]
- pdf_is_encrypted: False
- pdf_number_of_pages: 17
|
- /CreationDate: D:20070323205213+09'00'
- /ModDate: D:20070323205213+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13111
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/st_filename |
383-4-425 ST v1.10.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.1: 1
- ASE_REQ.1: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 5
- ATE:
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 13
- FAU_GEN.1: 6
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 5
- FAU_GEN.2.1: 1
- FAU_STG.1: 4
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG_EXT: 3
- FAU_STG_EXT.1: 9
- FAU_STG_EXT.1.1: 2
- FAU_STG_EXT.1.2: 2
- FAU_STG_EXT.1.3: 2
- FAU_STG_EXT.2: 2
- FAU_STG_EXT.3: 6
- FAU_STG_EXT.3.1: 2
- FCS:
- FCS_CKM.1: 15
- FCS_CKM.1.1: 1
- FCS_CKM.2: 5
- FCS_CKM.2.1: 1
- FCS_CKM.4: 8
- FCS_CKM.4.1: 1
- FCS_COP.1: 38
- FCS_COP.1.1: 4
- FCS_COP.3: 1
- FCS_RBG_EXT: 3
- FCS_RBG_EXT.1: 11
- FCS_RBG_EXT.1.1: 2
- FCS_RBG_EXT.1.2: 2
- FCS_TLSC_EXT: 3
- FCS_TLSC_EXT.1: 4
- FCS_TLSC_EXT.2: 10
- FCS_TLSC_EXT.2.1: 2
- FCS_TLSC_EXT.2.2: 2
- FCS_TLSC_EXT.2.3: 2
- FCS_TLSC_EXT.2.4: 2
- FCS_TLSC_EXT.2.5: 2
- FCS_TLSS_EXT: 2
- FCS_TLSS_EXT.1: 10
- FCS_TLSS_EXT.1.1: 2
- FCS_TLSS_EXT.1.2: 2
- FCS_TLSS_EXT.1.3: 2
- FCS_TLSS_EXT.2: 4
- FCS_TLS_EXT.1: 1
- FDP:
- FDP_ITC.1: 6
- FDP_ITC.2: 6
- FDP_RIP.2: 1
- FIA:
- FIA_PMG_EXT: 3
- FIA_PMG_EXT.1: 9
- FIA_PMG_EXT.1.1: 2
- FIA_UAU.1: 2
- FIA_UAU.7: 5
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 3
- FIA_UAU_EXT.1: 1
- FIA_UAU_EXT.2: 11
- FIA_UAU_EXT.2.1: 2
- FIA_UIA_EXT: 3
- FIA_UIA_EXT.1: 9
- FIA_UIA_EXT.1.1: 2
- FIA_UIA_EXT.1.2: 2
- FIA_UID.1: 2
- FIA_UID_EXT.1: 1
- FMT:
- FMT_MOF.1: 18
- FMT_MOF.1.1: 4
- FMT_MTD: 2
- FMT_MTD.1: 6
- FMT_MTD.1.1: 2
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 3
- FMT_SMR.2: 6
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 2
- FPT_APW_EXT.1: 9
- FPT_APW_EXT.1.1: 2
- FPT_APW_EXT.1.2: 2
- FPT_PTD: 1
- FPT_SKP_EXT: 3
- FPT_SKP_EXT.1: 9
- FPT_SKP_EXT.1.1: 2
- FPT_STM.1: 6
- FPT_STM.1.1: 1
- FPT_TST_EXT: 2
- FPT_TST_EXT.1: 12
- FPT_TST_EXT.1.1: 3
- FPT_TST_EXT.2: 2
- FPT_TUD_EXT: 3
- FPT_TUD_EXT.1: 9
- FPT_TUD_EXT.1.1: 2
- FPT_TUD_EXT.1.2: 2
- FPT_TUD_EXT.1.3: 2
- FPT_TUD_EXT.2: 2
- FTA:
- FTA_SSL.3: 4
- FTA_SSL.3.1: 1
- FTA_SSL.4: 4
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 3
- FTA_SSL_EXT.1: 9
- FTA_SSL_EXT.1.1: 2
- FTA_SSL_EXT.3: 1
- FTA_SSL_EXT.4: 1
- FTA_TAB.1: 9
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 7
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP.1: 4
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.ADMIN: 1
- A.LIMITED: 1
- A.NO_THRU: 1
- A.PHYSICAL: 1
- A.REGULAR: 1
- A.TRUSTED: 1
- OE:
- OE.ADMIN: 1
- OE.NO: 1
- OE.NO_THRU: 1
- OE.PHYSICAL: 1
- OE.TRUSTED: 1
- OE.UPDATES: 1
- T:
- T.PASSWORD: 1
- T.SECURITY: 2
- T.UNAUTHORIZED: 1
- T.UNDETECTED: 1
- T.UNTRUSTED: 1
- T.UPDATE_COMPROMISE: 1
- T.WEAK: 2
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 19
- AES-128: 1
- AES-256: 1
- DES:
- constructions:
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
- IPsec:
- SSH:
- TLS:
- SSL:
- SSL: 1
- SSL 1.0: 1
- SSL 2.0: 2
- SSL 3.0: 2
- TLS:
- TLS: 76
- TLS 1.0: 2
- TLS 1.1: 6
- TLS 1.2: 7
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- secp256r1: 1
- secp384r1: 1
- secp521r1: 1
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 5
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 5
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 2
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 2
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 2
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 2
- TLS_RSA_WITH_AES_128_CBC_SHA: 5
- TLS_RSA_WITH_AES_128_CBC_SHA256: 5
- TLS_RSA_WITH_AES_256_CBC_SHA: 5
- TLS_RSA_WITH_AES_256_CBC_SHA256: 1
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- FIPS:
- ISO:
- ISO/IEC 18031:2011: 4
- ISO/IEC 9796-2: 1
- NIST:
- NIST SP 800-56B: 2
- NIST SP 800-90: 1
- SP 800-56B: 3
- SP 800-90A: 1
- PKCS:
- RFC:
- RFC 2560: 1
- RFC 2818: 3
- RFC 2986: 2
- RFC 3268: 16
- RFC 4346: 4
- RFC 4492: 8
- RFC 5246: 20
- RFC 5280: 7
- RFC 5289: 12
- RFC 5759: 1
- RFC 6125: 2
- X509:
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
|
| pdf_data/st_metadata |
- /Author: Teresa MacArthur
- /Client Full Name: Fortinet Inc.
- /Client Short Name: Fortinet
- /Comments: CC V3.1 Security Target
Template Version 1_0
- /Company: EWA-Canada
- /CreationDate: D:20171128143512-05'00'
- /Creator: Acrobat PDFMaker 10.1 for Word
- /Document Number: 1877-000-D102
- /ModDate: D:20171128143523-05'00'
- /Producer: Adobe PDF Library 10.0
- /Product_Name: FortiWeb 5.6
- /ST_Date: 28 November 2017
- /ST_Version: 1.10
- /SourceModified: D:20171128193030
- /Title: Security Target
- pdf_file_size_bytes: 600277
- pdf_hyperlinks: https://support.fortinet.com/
- pdf_is_encrypted: False
- pdf_number_of_pages: 69
|
|
| state/cert/convert_garbage |
True |
False |
| state/cert/convert_ok |
True |
False |
| state/cert/download_ok |
True |
False |
| state/cert/extract_ok |
True |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |