| name |
Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002 |
HP Universal CMDB and Universal Discovery v10.21 |
| category |
Other Devices and Systems |
Other Devices and Systems |
| scheme |
DE |
CA |
| status |
archived |
archived |
| not_valid_after |
01.09.2019 |
14.03.2021 |
| not_valid_before |
16.11.2009 |
14.03.2016 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/383-4-336%20CT%20v1.0e.docx |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/383-4-336%20CR%20v1.0e.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/383-4-336%20ST%20v1.1.pdf |
| manufacturer |
Microsoft Corporation |
Hewlett-Packard Development Company, L.P. |
| manufacturer_web |
https://www.microsoft.com |
https://www.hp.com |
| security_level |
EAL4+ |
EAL2+, ALC_FLR.2 |
| dgst |
95badceef1b711cb |
3b557dcf94a60a5f |
| heuristics/cert_id |
BSI-DSZ-CC-0436-2009 |
383-4-336 |
| heuristics/cert_lab |
BSI |
CANADA |
| heuristics/cpe_matches |
{} |
cpe:2.3:a:hp:universal_discovery:10.21:*:*:*:*:*:*:* |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
CVE-2016-4368 |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_IMP.1, ATE_IND.2, AVA_SOF.1, ADV_HLD.2, AVA_VLA.2, ADV_RCR.1, ADV_LLD.1, ATE_COV.2, ALC_FLR.3, AGD_USR.1, AVA_MSU.2, ADV_SPM.1, ADV_FSP.2, AGD_ADM.1, ATE_DPT.1, ALC_DVS.1, ALC_TAT.1, ALC_LCD.1, ATE_FUN.1 |
ADV_ARC.1, ATE_IND.2, AGD_PRE.1, ATE_FUN.1, AGD_OPE.1, ADV_TDS.1, ASE_REQ.2, ASE_ECD.1, AVA_VAN.2, ASE_OBJ.2, ASE_SPD.1, ATE_COV.1, ASE_INT.1, ADV_FSP.2, ASE_TSS.1, ALC_DEL.1, ALC_CMC.2, ALC_CMS.2, ASE_CCL.1, ALC_FLR.2 |
| heuristics/extracted_versions |
08.02.0176.002 |
10.21 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
|
383-4-336 CT v1.0e.docx |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
0436a_pdf.pdf |
383-4-336 CR v1.0e.pdf |
| pdf_data/report_frontpage |
- DE:
- cert_id: BSI-DSZ-CC-0436-2009
- cert_item: Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002
- cert_lab: BSI
- developer: Microsoft Corporation
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- CA:
|
- DE:
- CA:
- cert_id: 383-4-336-CR
- cert_lab: CANADA
|
| pdf_data/report_keywords/cc_cert_id |
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 4: 3
- EAL 4 augmented: 2
- EAL 7: 1
- EAL1: 5
- EAL2: 3
- EAL3: 4
- EAL4: 8
- EAL4 augmented: 1
- EAL5: 6
- EAL6: 3
- EAL7: 4
|
- EAL:
- EAL 2: 1
- EAL 2 augmented: 1
- EAL 2+: 2
- EAL2: 1
|
| pdf_data/report_keywords/cc_sar |
- ACM:
- ACM_AUT: 2
- ACM_CAP: 2
- ACM_SCP: 2
- ADO:
- ADV:
- ADV_FSP: 2
- ADV_HLD: 2
- ADV_IMP: 2
- ADV_INT: 2
- ADV_LLD: 2
- ADV_RCR: 2
- ADV_SPM: 2
- AGD:
- ALC:
- ALC_DVS: 2
- ALC_FLR: 2
- ALC_FLR.3: 4
- ALC_LCD: 1
- ALC_TAT: 2
- APE:
- APE_DES: 1
- APE_ENV: 1
- APE_INT: 1
- APE_OBJ: 1
- APE_REQ: 1
- APE_SRE: 1
- ASE:
- ASE_DES: 1
- ASE_ENV: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_PPC: 1
- ASE_REQ: 1
- ASE_SRE: 1
- ASE_TSS: 1
- ATE:
- ATE_COV: 2
- ATE_DPT: 2
- ATE_FUN: 2
- ATE_IND: 2
- AVA:
- AVA_CCA: 2
- AVA_MSU: 2
- AVA_SOF: 3
- AVA_VLA: 3
- AVA_VLA.2: 1
- AVA_VLA.3: 1
- AVA_VLA.4: 1
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 5
|
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
- tuvit: 12
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7125: 2
- BSI 7148: 1
- BSI 7149: 1
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration: 1
- Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance: 1
- OutOfScope:
- TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum: 1
- any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating: 1
- out of scope: 2
|
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20091209111723+01'00'
- /Creator: Writer
- /Keywords: "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung"
- /ModDate: D:20091218092509+01'00'
- /Producer: StarOffice 9
- /Subject: Common Criteria Certification
- /Title: Certification Report BSI-DSZ-CC-0436-2009
- pdf_file_size_bytes: 966828
- pdf_hyperlinks: http://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 34
|
- /Author: Clark, Cory P.
- /CR version: 1.0
- /Company: CSEC-CSTC
- /CreationDate: D:20160414070021-04'00'
- /Creator: Acrobat PDFMaker 11 for Word
- /Developer name: Hewlett Packard Enterprise Development LP
- /Document number: 383-4-336-CR
- /ETR title, version, date: Hewlett Packard Enterprise Development LP HP Universal CMDB and Universal Discovery v10.21 Common Criteria EAL2 Evaluation Technical Report v0.4,March 14, 2016
- /Evaluation completion date: 14 March 2016
- /ModDate: D:20160414070025-04'00'
- /Producer: Adobe PDF Library 11.0
- /ST Title: Security Target: Hewlett Packard Enterprise Development LP HP Universal CMDB and Universal Discovery v10.21 Security Target, version 1.1, March 11, 2016
- /SourceModified: D:20160414105936
- /TOE name and version: HP Universal CMDB and Universal Discovery v10.21
- /TOE short name: HP Universal CMDB and Universal Discovery v10.21
- /Title: 383-4-XXX CR vxe
- pdf_file_size_bytes: 191208
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 15
|
| pdf_data/st_filename |
0436b_pdf.pdf |
383-4-336 ST v1.1.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL4: 9
- EAL4 augmented: 4
|
- EAL:
- EAL2: 3
- EAL2 augmented: 1
- EAL2+: 2
|
| pdf_data/st_keywords/cc_sar |
- ACM:
- ACM_AUT.1: 2
- ACM_CAP.4: 1
- ACM_SCP.2: 2
- ADO:
- ADO_DEL.2: 2
- ADO_IGS.1: 2
- ADV:
- ADV_FSP.2: 2
- ADV_HLD.2: 2
- ADV_IMP.1: 2
- ADV_LLD.1: 2
- ADV_RCR.1: 2
- ADV_SPM.1: 2
- AGD:
- AGD_ADD: 2
- AGD_ADM.1: 2
- AGD_USR.1: 1
- ALC:
- ALC_DVS.1: 2
- ALC_FLR.3: 8
- ALC_LCD.1: 2
- ALC_TAT.1: 2
- ATE:
- ATE_COV.2: 2
- ATE_DPT.1: 1
- ATE_FUN.1: 2
- ATE_IND.2: 2
- AVA:
- AVA_MSU.2: 2
- AVA_SOF.1: 2
- AVA_VLA.2: 3
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ALC_FLR.2: 4
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FDP:
- FDP_ACC: 26
- FDP_ACC.1: 13
- FDP_ACF: 21
- FDP_ACF.1: 16
- FDP_IFC: 45
- FDP_IFC.1: 17
- FDP_IFF: 43
- FDP_IFF.1: 35
- FIA:
- FIA_AFL: 1
- FIA_ATD.1: 7
- FIA_ATD.1.1: 1
- FIA_SOS.1: 7
- FIA_SOS.1.1: 1
- FIA_UAU: 1
- FIA_UAU.8: 30
- FIA_UID: 1
- FIA_UID.1: 3
- FIA_UID.2: 2
- FIA_UID.3: 34
- FIA_USB.1: 7
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_MSA: 95
- FMT_MSA.1: 14
- FMT_MSA.3: 22
- FMT_SMF.1: 32
- FMT_SMF.1.1: 1
- FMT_SMR.1: 22
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FRU:
|
- FAU:
- FAU_GEN: 3
- FAU_GEN.1: 10
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 6
- FAU_GEN.2.1: 1
- FAU_SAR.1: 6
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FCS:
- FCS_CKM.1: 8
- FCS_CKM.1.1: 1
- FCS_CKM.4: 9
- FCS_CKM.4.1: 1
- FCS_COP.1: 8
- FCS_COP.1.1: 1
- FIA:
- FIA_ATD.1: 5
- FIA_ATD.1.1: 1
- FIA_UAU.1: 7
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UAU.5: 6
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.7: 6
- FIA_UAU.7.1: 1
- FIA_UID.1: 12
- FIA_UID.1.1: 1
- FIA_UID.1.2: 1
- FIA_UID.2: 1
- FMT:
- FMT_MOF.1: 7
- FMT_MOF.1.1: 1
- FMT_MSA.1: 3
- FMT_MTD.1: 7
- FMT_MTD.1.1: 1
- FMT_SMF.1: 9
- FMT_SMF.1.1: 1
- FMT_SMR.1: 10
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_ITT.1: 6
- FPT_ITT.1.1: 1
- FPT_STM.1: 8
- FTA:
- FTA_SSL.3: 6
- FTA_SSL.3.1: 1
- FTP:
- FTP_ITC.1: 6
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP.1: 6
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.BLOCKLIST: 4
- A.COM_PROT: 3
- A.INSTALL: 3
- A.NO_EVIL_ADM: 1
- A.NO_EVIL_ADMIN: 2
- A.PHYS_PROTECT: 4
- A.PLATFORM: 4
- O:
- O.CONBLK: 7
- O.DAC: 11
- O.MAIL_FLOW: 5
- O.QUOTA: 7
- O.REDUCE_SPAM: 6
- O.RESTDIST: 7
- OE:
- OE.BLOCKLIST: 3
- OE.COM_PROT: 3
- OE.INSTALL: 7
- OE.PHYSICAL: 3
- OE.PLATFORM: 16
- OSP:
- T:
- T.AUTH_DAC: 4
- T.DL_MISUSE: 4
- T.OVERFLOW: 4
- T.SPAM: 7
- T.UNAUTHUSE: 3
- T.UNAUTH_DAC: 3
|
- A:
- A.INSTALL: 2
- A.LOCATE: 2
- A.MANAGE: 1
- A.NETCON: 1
- A.NO_EVIL: 2
- A.PROTECT: 2
- A.TIMESTAMPS: 2
- A.TRUSTNET: 2
- O:
- O.ATTRIB: 3
- O.ATTRIBUTES: 1
- O.AUDIT: 6
- O.AUTH: 6
- O.AUTO: 1
- O.CRYPTO: 4
- O.DISCOVERY: 3
- O.MANAGE: 4
- O.SECURE: 4
- OE:
- OE.NO_EVIL: 3
- OE.PHYSICAL: 3
- OE.PLATFORM: 3
- OE.PROTECT: 5
- OE.TIMESTAMPS: 2
- OE.TIME_STAMPS: 1
- T:
- T.COMINT: 2
- T.NOAUDIT: 2
- T.TRANSMIT: 2
- T.UNAUTH: 2
- T.UNDETECT: 2
|
| pdf_data/st_keywords/vendor |
- Microsoft:
- Microsoft: 42
- Microsoft Corporation: 2
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 1
- SHA-256: 3
- SHA-384: 3
- SHA-512: 2
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
- CBC:
- CCM:
- CFB:
- CTR:
- ECB:
- GCM:
- OFB:
- XEX:
- XTS:
|
| pdf_data/st_keywords/ecc_curve |
|
- NIST:
- B-224: 1
- B-384: 1
- K-224: 1
- K-384: 1
- P-224: 2
- P-384: 2
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- RFC:
- RFC 1725: 1
- RFC 1730: 1
- RFC 2821: 11
- RFC 2822: 7
- RFC1725: 1
- RFC1730: 1
|
- FIPS:
- FIPS 140-2: 11
- FIPS 180-2: 2
- FIPS 186-3: 2
- FIPS 186-4: 8
- FIPS 197: 2
- FIPS 198: 2
- FIPS 46-3: 2
- FIPS4: 1
- NIST:
- NIST SP 800-90A: 1
- SP 800-135: 1
- SP 800-56A: 2
- PKCS:
- PKCS #1: 1
- PKCS#1: 1
- PKCS38: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The: 1
- out of scope: 1
|
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
True |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |