| name |
Microsoft Exchange Server 2007 Enterprise Edition (English), Version/Build 08.02.0176.002 |
IBM DB2 Content Manager Enterprise Edition V8.4 Fix Pack 1a |
| category |
Other Devices and Systems |
Databases |
| scheme |
DE |
US |
| status |
archived |
archived |
| not_valid_after |
01.09.2019 |
20.07.2012 |
| not_valid_before |
16.11.2009 |
27.01.2009 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10220-vr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0436b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10220-st.pdf |
| manufacturer |
Microsoft Corporation |
IBM Corporation |
| manufacturer_web |
https://www.microsoft.com |
https://www.ibm.com |
| security_level |
EAL4+ |
EAL4+, ALC_FLR.2 |
| dgst |
95badceef1b711cb |
a08ddf6cd00e50df |
| heuristics/cert_id |
BSI-DSZ-CC-0436-2009 |
CCEVS-VR-VID-10220-2009 |
| heuristics/cert_lab |
BSI |
US |
| heuristics/cpe_matches |
{} |
cpe:2.3:a:ibm:content_manager:8.4.3:*:*:*:enterprise:*:*:* |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
CVE-2018-1502 |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_IMP.1, ATE_IND.2, AVA_SOF.1, ADV_HLD.2, AVA_VLA.2, ADV_RCR.1, ADV_LLD.1, ATE_COV.2, ALC_FLR.3, AGD_USR.1, AVA_MSU.2, ADV_SPM.1, ADV_FSP.2, AGD_ADM.1, ATE_DPT.1, ALC_DVS.1, ALC_TAT.1, ALC_LCD.1, ATE_FUN.1 |
ADV_IMP.1, ATE_IND.2, ATE_FUN.1, ADV_HLD.2, AVA_SOF.1, AVA_VLA.2, ADV_RCR.1, ADV_LLD.1, ATE_COV.2, AVA_MSU.2, AGD_USR.1, ADV_SPM.1, ADV_FSP.2, AGD_ADM.1, ATE_DPT.1, ALC_DVS.1, ALC_TAT.1, ALC_LCD.1, ALC_FLR.2 |
| heuristics/extracted_versions |
08.02.0176.002 |
8.4 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
0436a_pdf.pdf |
st_vid10220-vr.pdf |
| pdf_data/report_frontpage |
- DE:
- cert_id: BSI-DSZ-CC-0436-2009
- cert_item: Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002
- cert_lab: BSI
- developer: Microsoft Corporation
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- US:
|
- DE:
- US:
- cert_id: CCEVS-VR-VID10220-2009
- cert_item: IBM® DB2® Content Manager Enterprise Edition V8.4 FP1A
- cert_lab: US NIAP
|
| pdf_data/report_keywords/cc_cert_id |
|
- US:
- CCEVS-VR-VID10220-2009: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 4: 3
- EAL 4 augmented: 2
- EAL 7: 1
- EAL1: 5
- EAL2: 3
- EAL3: 4
- EAL4: 8
- EAL4 augmented: 1
- EAL5: 6
- EAL6: 3
- EAL7: 4
|
- EAL:
- EAL 4: 11
- EAL 4 augmented: 4
- EAL4: 3
|
| pdf_data/report_keywords/cc_sar |
- ACM:
- ACM_AUT: 2
- ACM_CAP: 2
- ACM_SCP: 2
- ADO:
- ADV:
- ADV_FSP: 2
- ADV_HLD: 2
- ADV_IMP: 2
- ADV_INT: 2
- ADV_LLD: 2
- ADV_RCR: 2
- ADV_SPM: 2
- AGD:
- ALC:
- ALC_DVS: 2
- ALC_FLR: 2
- ALC_FLR.3: 4
- ALC_LCD: 1
- ALC_TAT: 2
- APE:
- APE_DES: 1
- APE_ENV: 1
- APE_INT: 1
- APE_OBJ: 1
- APE_REQ: 1
- APE_SRE: 1
- ASE:
- ASE_DES: 1
- ASE_ENV: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_PPC: 1
- ASE_REQ: 1
- ASE_SRE: 1
- ASE_TSS: 1
- ATE:
- ATE_COV: 2
- ATE_DPT: 2
- ATE_FUN: 2
- ATE_IND: 2
- AVA:
- AVA_CCA: 2
- AVA_MSU: 2
- AVA_SOF: 3
- AVA_VLA: 3
- AVA_VLA.2: 1
- AVA_VLA.3: 1
- AVA_VLA.4: 1
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
- Microsoft:
- Microsoft: 17
- Microsoft Corporation: 5
|
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
- tuvit: 12
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
- BSI:
- BSI 7125: 2
- BSI 7148: 1
- BSI 7149: 1
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- 02.0176.002, EVALUATION TECHNICAL REPORT, Version 3, Date 2009-10-01, TÜV Informationstechnik GmbH (confidential document) [8] Configuration list for the TOE: Exchange Server 2007 Common Criteria Evaluation, Configuration: 1
- Server, Version: 1.05, Date: 2009-09-28; including all document as referenced in chapter 3.2. (confidential documents) [9] Microsoft Exchange Server 2007 Enterprise Edition Common Criteria Evaluation – Guidance: 1
- OutOfScope:
- TOE in the certified version and configuration. The version of the help-file on the product DVD is out of scope of the certification. The TOE has to be installed and configured according to the Guidance Addendum: 1
- any client. The way external lists for filtering of messages are compiled and transferred is also out of scope of the evaluation. Some security functionality of the TOE environment, namely of the operating: 1
- out of scope: 2
|
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20091209111723+01'00'
- /Creator: Writer
- /Keywords: "Microsoft Exchange Server 2007 Enterprise Edition (English) Version/Build 08.02.0176.002, Microsoft Corporation, Common Criteria, Certification, Zertifzierung"
- /ModDate: D:20091218092509+01'00'
- /Producer: StarOffice 9
- /Subject: Common Criteria Certification
- /Title: Certification Report BSI-DSZ-CC-0436-2009
- pdf_file_size_bytes: 966828
- pdf_hyperlinks: http://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 34
|
|
| pdf_data/st_filename |
0436b_pdf.pdf |
st_vid10220-st.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL4: 9
- EAL4 augmented: 4
|
- EAL:
- EAL 4: 3
- EAL 4 augmented: 2
- EAL4: 6
- EAL4 augmented: 4
|
| pdf_data/st_keywords/cc_sar |
- ACM:
- ACM_AUT.1: 2
- ACM_CAP.4: 1
- ACM_SCP.2: 2
- ADO:
- ADO_DEL.2: 2
- ADO_IGS.1: 2
- ADV:
- ADV_FSP.2: 2
- ADV_HLD.2: 2
- ADV_IMP.1: 2
- ADV_LLD.1: 2
- ADV_RCR.1: 2
- ADV_SPM.1: 2
- AGD:
- AGD_ADD: 2
- AGD_ADM.1: 2
- AGD_USR.1: 1
- ALC:
- ALC_DVS.1: 2
- ALC_FLR.3: 8
- ALC_LCD.1: 2
- ALC_TAT.1: 2
- ATE:
- ATE_COV.2: 2
- ATE_DPT.1: 1
- ATE_FUN.1: 2
- ATE_IND.2: 2
- AVA:
- AVA_MSU.2: 2
- AVA_SOF.1: 2
- AVA_VLA.2: 3
|
- ACM:
- ACM_AUT: 1
- ACM_AUT.1: 10
- ACM_CAP: 1
- ACM_CAP.4: 20
- ACM_SCP: 1
- ACM_SCP.2: 6
- ADO:
- ADO_DEL: 1
- ADO_DEL.2: 9
- ADO_IGS: 1
- ADO_IGS.1: 7
- ADV:
- ADV_FSP: 1
- ADV_FSP.2: 11
- ADV_HLD: 1
- ADV_HLD.2: 15
- ADV_IMP: 1
- ADV_IMP.1: 8
- ADV_LLD: 1
- ADV_LLD.1: 16
- ADV_RCR: 1
- ADV_RCR.1: 5
- ADV_SPM: 1
- ADV_SPM.1: 12
- AGD:
- AGD_ADM: 2
- AGD_ADM.1: 12
- AGD_USR: 1
- AGD_USR.1: 11
- ALC:
- ALC_DVS: 1
- ALC_DVS.1: 8
- ALC_FLR: 1
- ALC_FLR.2: 21
- ALC_LCD: 1
- ALC_LCD.1: 8
- ALC_TAT: 1
- ALC_TAT.1: 9
- ATE:
- ATE_COV: 1
- ATE_COV.2: 7
- ATE_DPT: 1
- ATE_DPT.1: 6
- ATE_FUN: 1
- ATE_FUN.1: 11
- ATE_IND: 1
- ATE_IND.2: 9
- AVA:
- AVA_MSU: 1
- AVA_MSU.2: 14
- AVA_SOF: 1
- AVA_SOF.1: 8
- AVA_VLA: 1
- AVA_VLA.2: 14
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FDP:
- FDP_ACC: 26
- FDP_ACC.1: 13
- FDP_ACF: 21
- FDP_ACF.1: 16
- FDP_IFC: 45
- FDP_IFC.1: 17
- FDP_IFF: 43
- FDP_IFF.1: 35
- FIA:
- FIA_AFL: 1
- FIA_ATD.1: 7
- FIA_ATD.1.1: 1
- FIA_SOS.1: 7
- FIA_SOS.1.1: 1
- FIA_UAU: 1
- FIA_UAU.8: 30
- FIA_UID: 1
- FIA_UID.1: 3
- FIA_UID.2: 2
- FIA_UID.3: 34
- FIA_USB.1: 7
- FIA_USB.1.1: 1
- FIA_USB.1.2: 1
- FIA_USB.1.3: 1
- FMT:
- FMT_MSA: 95
- FMT_MSA.1: 14
- FMT_MSA.3: 22
- FMT_SMF.1: 32
- FMT_SMF.1.1: 1
- FMT_SMR.1: 22
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FRU:
|
- FAU:
- FAU_GEN.1: 3
- FAU_GEN.2: 8
- FAU_GEN.2.1: 1
- FAU_GEN_EXP.1: 12
- FAU_GEN_EXP.1.1: 1
- FAU_GEN_EXP.1.2: 1
- FAU_SAR.1: 18
- FAU_SAR.3: 5
- FAU_SAR.3.1: 1
- FAU_STG.1: 5
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FCS:
- FCS_CKM.1: 26
- FCS_CKM.2: 2
- FCS_CKM.4: 17
- FCS_CKM.4.1: 1
- FCS_COP.1: 37
- FDP:
- FDP_ACC.1: 5
- FDP_ACC.2: 10
- FDP_ACC.2.1: 1
- FDP_ACC.2.2: 1
- FDP_ACF.1: 8
- FDP_ACF.1.1: 1
- FDP_ACF.1.2: 1
- FDP_ACF.1.3: 1
- FDP_ACF.1.4: 1
- FDP_IFC.1: 4
- FDP_ITC.1: 4
- FDP_ITC.2: 4
- FIA:
- FIA_AFL.1: 8
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD.1: 25
- FIA_UAU.2: 16
- FIA_UID.1: 4
- FIA_UID.2: 17
- FMT:
- FMT_MOF.1: 8
- FMT_MOF.1.1: 1
- FMT_MSA.1: 19
- FMT_MSA.2: 20
- FMT_MSA.2.1: 1
- FMT_MSA.3: 11
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 42
- FMT_SMF.1: 24
- FMT_SMF.1.1: 1
- FMT_SMR.1: 20
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_ITT.1: 6
- FPT_ITT.1.1: 1
- FPT_RVM.1: 16
- FPT_SEP: 1
- FPT_SEP.1: 7
- FPT_SEP.1.1: 1
- FPT_SEP.1.2: 1
- FPT_SEP_EXP.1: 9
- FPT_SEP_EXP.1.1: 1
- FPT_SEP_EXP.1.2: 1
- FPT_STM.1: 6
- FPT_STM.1.1: 1
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.BLOCKLIST: 4
- A.COM_PROT: 3
- A.INSTALL: 3
- A.NO_EVIL_ADM: 1
- A.NO_EVIL_ADMIN: 2
- A.PHYS_PROTECT: 4
- A.PLATFORM: 4
- O:
- O.CONBLK: 7
- O.DAC: 11
- O.MAIL_FLOW: 5
- O.QUOTA: 7
- O.REDUCE_SPAM: 6
- O.RESTDIST: 7
- OE:
- OE.BLOCKLIST: 3
- OE.COM_PROT: 3
- OE.INSTALL: 7
- OE.PHYSICAL: 3
- OE.PLATFORM: 16
- OSP:
- T:
- T.AUTH_DAC: 4
- T.DL_MISUSE: 4
- T.OVERFLOW: 4
- T.SPAM: 7
- T.UNAUTHUSE: 3
- T.UNAUTH_DAC: 3
|
- A:
- A.AUTH_DATA: 3
- A.MANAGE: 5
- A.NOEVIL: 4
- A.OS: 5
- A.PROTECT: 4
- A.SYSTEM: 5
- O:
- O.ACCOUNTABILITY: 4
- O.AUTHORIZE: 6
- O.AUTHORIZED: 1
- O.MANAGE: 4
- O.OBJ_ACCESS: 5
- O.PARTIAL_SEP: 6
- OE:
- OE.AUDITING: 6
- OE.AUTHORIZED: 4
- OE.CREDEN: 4
- OE.INSTALL: 3
- OE.PERSON: 4
- OE.PHYCAL: 3
- OE.SEP: 5
- OE.TIME: 4
|
| pdf_data/st_keywords/vendor |
- Microsoft:
- Microsoft: 42
- Microsoft Corporation: 2
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- RFC:
- RFC 1725: 1
- RFC 1730: 1
- RFC 2821: 11
- RFC 2822: 7
- RFC1725: 1
- RFC1730: 1
|
- FIPS:
- FIPS 140-2: 8
- FIPS 180-2: 1
- FIPS 197: 1
- FIPS PUB 186-2: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- it should be noted that the way these external lists are compiled and transferred to the TOE are out of scope of the evaluation. Security Target Page 14/83 2.3.4 Important functionality of the environment The: 1
- out of scope: 1
|
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |