This page was not yet optimized for use on mobile
devices.
Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.CSV information
| Status | active |
|---|---|
| Valid from | 08.01.2025 |
| Valid until | 14.12.2026 |
| Scheme | 🇺🇸 US |
| Manufacturer | SonicWALL, Inc |
| Category | Network and Network-Related Devices and Systems |
| Security level | |
| Protection profiles |
Heuristics summary
Certificate ID: CCEVS-VR-VID-11473-2025
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
OK
Convert pdf to text:
OK
Extract keywords:
ERROR
Extracted keywords
Protocols
VPNCertificates
CCEVS-VR-VID11473-2025Evaluation facilities
Acumen SecurityCertification report
Extracted keywords
Protocols
SSH, TLS, IPsec, VPNSecurity level
EAL 1Claims
T.UNAUTHORIZED_ADMINISTRATOR_ACCESS, T.WEAK_CRYPTOGRAPHY, T.UNTRUSTED_COMMUNICATION_CHANNELS, T.WEAK_AUTHENTICATION_ENDPOINTS, T.UPDATE_COMPROMISE, T.UNDETECTED_ACTIVITY, T.SECURITY_FUNCTIONALITY_COMPROMISE, T.PASSWORD_CRACKING, T.SECURITY_FUNCTIONALITY_FAILURE, T.NETWORK_DISCLOSURE, T.NETWORK_ACCESS, T.NETWORK_MISUSE, T.MALICIOUS_TRAFFIC, T.DATA_INTEGRITY, T.REPLAY_ATTACK, T.NETWORK_DOS, A.PHYSICAL_PROTECTION, A.LIMITED_FUNCTIONALITY, A.NO_THRU_TRAFFIC_PROTECTION, A.TRUSTED_ADMINISTRATOR, A.REGULAR_UPDATES, A.ADMIN_CREDENTIALS_SECURE, A.RESIDUAL_INFORMATION, A.VS_TRUSTED_ADMINISTRATOR, A.VS_REGULAR_UPDATES, A.VS_ISOLATION, A.VS_CORRECT_CONFIGURATION, A.CONNECTIONSCertificates
CCEVS-VR-VID11473-2025Evaluation facilities
Acumen SecurityStandards
X.509File metadata
| Author | ppatin |
|---|---|
| Creation date | D:20250113094916-05'00' |
| Modification date | D:20250113094916-05'00' |
| Pages | 29 |
| Creator | Microsoft® Word 2019 |
| Producer | Microsoft® Word 2019 |
Frontpage
| Certificate ID | CCEVS-VR-VID11473-2025 |
|---|---|
| Certified item | for the Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances |
| Certification lab | US NIAP |
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-, AES-256, AES-128, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
ECDHE, ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, SSL, SSL 2.0, SSL 3.0, TLS, TLS 1.2, TLS 1.0, TLS 1.1, TLS1.1, TLS1.2, DTLS, IKEv2, IKE, IPsec, VPNRandomness
DRBG, RBGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521, secp256r1, secp384r1, secp521r1Block cipher modes
CBC, GCMTLS cipher suites
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384Claims
O.RESIDUAL_, O.STATEFUL_TRAFFIC_, O.ADDRESS_FILTERING, O.AUTHENTICATION, O.CRYPTOGRAPHIC_, O.FAIL_SECURE, O.PORT_FILTERING, O.SYSTEM_MONITORING, O.TOE_ADMINISTRATION, O.IPS_ANALYZE, O.IPS_REACT, T.UNAUTHORIZED_ADMINISTRATOR_ACCESS, T.WEAK_CRYPTOGRAPHY, T.UNTRUSTED_COMMUNICATION_CHANNELS, T.WEAK_AUTHENTICATION_ENDPOINTS, T.UPDATE_COMPROMISE, T.UNDETECTED_ACTIVITY, T.SECURITY_FUNCTIONALITY_COMPROMISE, T.PASSWORD_CRACKING, T.SECURITY_FUNCTIONALITY_FAILURE, T.NETWORK_DISCLOSURE, T.NETWORK_ACCESS, T.NETWORK_MISUSE, T.MALICIOUS_TRAFFIC, T.DATA_INTEGRITY, T.REPLAY_ATTACK, T.NETWORK_DOS, A.PHYSICAL_PROTECTION, A.LIMITED_FUNCTIONALITY, A.NO_THRU_TRAFFIC_PROTECTION, A.TRUSTED_ADMINISTRATOR, A.REGULAR_UPDATES, A.ADMIN_CREDENTIALS_SECURE, A.COMPONENTS_RUNNING, A.RESIDUAL_INFORMATION, A.VS_TRUSTED_ADMINISTRATOR, A.VS_REGULAR_UPDATES, A.VS_ISOLATION, A.VS_CORRECT_CONFIGURATION, A.CONNECTIONS, OE.PHYSICAL, OE.NO_GENERAL_PURPOSE, OE.NO_THRU_TRAFFIC_PROTECTION, OE.TRUSTED_ADMN, OE.UPDATES, OE.ADMIN_CREDENTIALS_SECURE, OE.COMPONENTS_RUNNING, OE.RESIDUAL_INFORMATION, OE.VM_CONFIGURATION, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ATE_IND.1, AVA_VAN, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN, FAU_GEN.2, FAU_STG_EXT.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_STG_EXT.1.1, FAU_STG_EXT.1.2, FAU_STG_EXT.1.3, FCS_NTP_EXT.1.4, FCS_TLSC_EXT.2.3, FCS_CKM.1, FCS_CKM, FCS_CKM.2, FCS_CKM.4, FCS_COP, FCS_RBG_EXT.1, FCS_TLSS_EXT.1, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4.1, FCS_COP.1, FCS_RBG_EXT.1.1, FCS_RBG_EXT.1.2, FCS_TLSS_EXT.1.1, FCS_TLSS_EXT.1.2, FCS_TLSS_EXT.1.3, FCS_TLSS_EXT.1.4, FDP_RIP.2, FDP_RIP.2.1, FIA_AFL.1, FIA_PMG_EXT.1, FIA_PSK_EXT.3, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1, FIA_UIA_EXT.1, FIA_UAU_EXT.2, FIA_UAU.7, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PMG_EXT.1.1, FIA_UIA_EXT.1.1, FIA_UIA_EXT.1.2, FIA_UAU_EXT.2.1, FIA_UAU.7.1, FMT_MOF, FMT_MTD, FMT_SMF.1, FMT_SMF, FMT_SMR.2, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1.1, FMT_SMR.2.1, FMT_SMR.2.2, FMT_SMR.2.3, FPT_APW_EXT.1, FPT_FLS, FPT_STM_EXT.1, FPT_SKP_EXT.1, FPT_TST_EXT.1, FPT_TST_EXT.3, FPT_TUD_EXT.1, FPT_APW_EXT.1.1, FPT_APW_EXT.1.2, FPT_SKP_EXT.1.1, FPT_STM_EXT.1.1, FPT_STM_EXT.1.2, FPT_TST_EXT.1.1, FPT_TST_EXT.3.1, FPT_TST_EXT.3.2, FPT_TUD_EXT.1.1, FPT_TUD_EXT.1.2, FPT_TUD_EXT.1.3, FPT_FLS.1, FTA_SSL_EXT.1, FTA_SSL.3, FTA_SSL.4, FTA_TAB.1, FTA_SSL_EXT.1.1, FTA_SSL.3.1, FTA_SSL.4.1, FTA_TAB.1.1, FTP_ITC.1, FTP_ITC, FTP_TRP, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1Evaluation facilities
Acumen SecurityStandards
FIPS PUB 186-4, FIPS186-4, NIST SP 800-90, PKCS #1, PKCS 1, RFC 5077, RFC 3526, RFC 3447, RFC 2818, RFC 4301, RFC 4303, RFC 3602, RFC 5996, RFC 4868, RFC 5282, RFC 5114, RFC 4945, RFC 5246, RFC 4492, RFC 5289, RFC 4346, RFC 5280, RFC 6960, RFC 2986, RFC 5735, RFC 3513, RFC 791, RFC 8200, RFC 793, RFC 768, RFC 2460, RFC 792, RFC 2463, RFC 4443, RFC 8017, ISO/IEC 9796-2, ISO/IEC 14888-3, ISO/IEC 10118-, ISO/IEC 18031:2011, X.509File metadata
| Title | Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances Security Target v1.0 |
|---|---|
| Author | Shehan Dissanayake |
| Creation date | D:20250113095601-05'00' |
| Modification date | D:20250113095601-05'00' |
| Pages | 85 |
| Creator | Microsoft® Word 2019 |
| Producer | Microsoft® Word 2019 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
CCEVS-VR-VID-11473-2025Extracted SARs
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1, ATE_IND.1, AVA_VAN.1CPE matches
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5019:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5023:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5026:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5030-r2007:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5030-r945:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5030:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5035:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5052:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5054:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5065:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5072:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5080:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5083:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5095:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5100:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5111:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5119:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5129:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5145:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5151:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5161:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5165:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1-5169:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1:april_2021:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1:july_2021:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1:june_2021:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on |
|---|---|---|---|---|
| Base score | ||||
| CVE-2021-20019 | HIGH | 7.5 | 23.06.2021 | |
| CVE-2021-3449 | MEDIUM | 5.9 | 25.03.2021 | |
| CVE-2021-3450 | HIGH | 7.4 | 25.03.2021 |
Similar certificates
| Name | Certificate ID | |
|---|---|---|
| SonicWall SonicOS/X v7.0.1 with VPN and IPS on NSsp 15700 | CCEVS-VR-VID-11528-2025 | Compare |
Scheme data
| Product | Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances | |
|---|---|---|
| Id | CCEVS-VR-VID11473-2025 | |
| Url | https://www.niap-ccevs.org/products/11473 | |
| Api Url | https://www.niap-ccevs.org/api/project/product/pcl_products/11473/ | |
| Certification Date | 08.01.2025 | |
| Expiration Date | None | |
| Category | Firewall | |
| Categories | ['Firewall', ' Network Device', ' Network Encryption', ' Virtual Private Network'] | |
| Vendor | SonicWall, Inc. | |
| Evaluation Facility | Acumen Security | |
| Scheme | US | |
| Agd Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32775 | |
| Aar Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32776 | |
| Cert Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32777 | |
| Target Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32778 | |
| Report Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32779 | |
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Network and Network-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11473-ci.pdf",
"dgst": "1f36092c690f102b",
"heuristics": {
"_type": "sec_certs.sample.cc_eucc_common.Heuristics",
"annotated_references": null,
"cert_id": "CCEVS-VR-VID-11473-2025",
"cert_lab": [
"US"
],
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5165:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5111:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5083:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5019:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5145:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5119:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5054:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5026:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5030-r2007:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1:june_2021:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5072:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5030:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5100:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5151:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5065:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5095:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1:april_2021:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1:july_2021:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5030-r945:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5169:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5080:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5129:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5052:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5035:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5023:*:*:*:*:*:*:*",
"cpe:2.3:o:sonicwall:sonicos:7.0.1-5161:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"eal": "EAL1",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"7.0.1"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"89f2a255423f4a20",
"bde3d7587cf42e78",
"e2ad7e4a892e3703",
"6448a1802bb874d8"
]
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2021-3450",
"CVE-2021-3449",
"CVE-2021-20019"
]
},
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"aar_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32776",
"agd_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32775",
"api_url": "https://www.niap-ccevs.org/api/project/product/pcl_products/11473/",
"categories": [
"Firewall",
" Network Device",
" Network Encryption",
" Virtual Private Network"
],
"category": "Firewall",
"cert_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32777",
"certification_date": "2025-01-08",
"evaluation_facility": "Acumen Security",
"expiration_date": null,
"id": "CCEVS-VR-VID11473-2025",
"product": "Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances",
"report_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32779",
"scheme": "US",
"target_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=32778",
"url": "https://www.niap-ccevs.org/products/11473",
"vendor": "SonicWall, Inc."
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "SonicWALL, Inc",
"manufacturer_web": "https://www.sonicwall.com/",
"name": "Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances",
"not_valid_after": "2026-12-14",
"not_valid_before": "2025-01-08",
"pdf_data": {
"_type": "sec_certs.sample.cc_eucc_common.PdfData",
"cert_filename": "st_vid11473-ci.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"US": {
"CCEVS-VR-VID11473-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"VPN": {
"VPN": 2
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Acumen": {
"Acumen Security": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": null,
"report_filename": "st_vid11473-vr.pdf",
"report_frontpage": {
"US": {
"cert_id": "CCEVS-VR-VID11473-2025",
"cert_item": "for the Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances",
"cert_lab": "US NIAP"
}
},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"US": {
"CCEVS-VR-VID11473-2025": 1
}
},
"cc_claims": {
"A": {
"A.ADMIN_CREDENTIALS_SECURE": 1,
"A.CONNECTIONS": 2,
"A.LIMITED_FUNCTIONALITY": 1,
"A.NO_THRU_TRAFFIC_PROTECTION": 1,
"A.PHYSICAL_PROTECTION": 1,
"A.REGULAR_UPDATES": 1,
"A.RESIDUAL_INFORMATION": 1,
"A.TRUSTED_ADMINISTRATOR": 1,
"A.VS_CORRECT_CONFIGURATION": 1,
"A.VS_ISOLATION": 1,
"A.VS_REGULAR_UPDATES": 1,
"A.VS_TRUSTED_ADMINISTRATOR": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.MALICIOUS_TRAFFIC": 1,
"T.NETWORK_ACCESS": 2,
"T.NETWORK_DISCLOSURE": 3,
"T.NETWORK_DOS": 1,
"T.NETWORK_MISUSE": 3,
"T.PASSWORD_CRACKING": 1,
"T.REPLAY_ATTACK": 1,
"T.SECURITY_FUNCTIONALITY_COMPROMISE": 1,
"T.SECURITY_FUNCTIONALITY_FAILURE": 1,
"T.UNAUTHORIZED_ADMINISTRATOR_ACCESS": 1,
"T.UNDETECTED_ACTIVITY": 1,
"T.UNTRUSTED_COMMUNICATION_CHANNELS": 1,
"T.UPDATE_COMPROMISE": 1,
"T.WEAK_AUTHENTICATION_ENDPOINTS": 1,
"T.WEAK_CRYPTOGRAPHY": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {
"EAL": {
"EAL 1": 5
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 3
},
"SSH": {
"SSH": 1
},
"TLS": {
"TLS": {
"TLS": 1
}
},
"VPN": {
"VPN": 61
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Acumen": {
"Acumen Security": 4
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "ppatin",
"/CreationDate": "D:20250113094916-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20250113094916-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"pdf_file_size_bytes": 405705,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 29
},
"st_filename": "st_vid11473-st.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 1,
"ECDHE": 1
},
"ECDSA": {
"ECDSA": 41
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 3
},
"DSA": {
"DSA": 2
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN_CREDENTIALS_SECURE": 1,
"A.COMPONENTS_RUNNING": 1,
"A.CONNECTIONS": 2,
"A.LIMITED_FUNCTIONALITY": 1,
"A.NO_THRU_TRAFFIC_PROTECTION": 1,
"A.PHYSICAL_PROTECTION": 1,
"A.REGULAR_UPDATES": 1,
"A.RESIDUAL_INFORMATION": 1,
"A.TRUSTED_ADMINISTRATOR": 1,
"A.VS_CORRECT_CONFIGURATION": 1,
"A.VS_ISOLATION": 1,
"A.VS_REGULAR_UPDATES": 1,
"A.VS_TRUSTED_ADMINISTRATOR": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.AUTHENTICATION": 1,
"O.CRYPTOGRAPHIC_": 1,
"O.FAIL_SECURE": 1,
"O.IPS_ANALYZE": 1,
"O.IPS_REACT": 1,
"O.PORT_FILTERING": 1,
"O.RESIDUAL_": 1,
"O.STATEFUL_TRAFFIC_": 1,
"O.SYSTEM_MONITORING": 2,
"O.TOE_ADMINISTRATION": 2
},
"OE": {
"OE.ADMIN_CREDENTIALS_SECURE": 1,
"OE.COMPONENTS_RUNNING": 1,
"OE.CONNECTIONS": 2,
"OE.NO_GENERAL_PURPOSE": 1,
"OE.NO_THRU_TRAFFIC_PROTECTION": 2,
"OE.PHYSICAL": 1,
"OE.RESIDUAL_INFORMATION": 1,
"OE.TRUSTED_ADMN": 1,
"OE.UPDATES": 1,
"OE.VM_CONFIGURATION": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.MALICIOUS_TRAFFIC": 1,
"T.NETWORK_ACCESS": 2,
"T.NETWORK_DISCLOSURE": 3,
"T.NETWORK_DOS": 1,
"T.NETWORK_MISUSE": 3,
"T.PASSWORD_CRACKING": 1,
"T.REPLAY_ATTACK": 1,
"T.SECURITY_FUNCTIONALITY_COMPROMISE": 1,
"T.SECURITY_FUNCTIONALITY_FAILURE": 1,
"T.UNAUTHORIZED_ADMINISTRATOR_ACCESS": 1,
"T.UNDETECTED_ACTIVITY": 1,
"T.UNTRUSTED_COMMUNICATION_CHANNELS": 1,
"T.UPDATE_COMPROMISE": 1,
"T.WEAK_AUTHENTICATION_ENDPOINTS": 1,
"T.WEAK_CRYPTOGRAPHY": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_FSP.1": 2
},
"AGD": {
"AGD_OPE.1": 2,
"AGD_PRE.1": 2
},
"ALC": {
"ALC_CMC.1": 2,
"ALC_CMS.1": 2
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.1": 1,
"ASE_REQ.1": 1,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_IND.1": 2
},
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.1": 2
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN": 8,
"FAU_GEN.1": 9,
"FAU_GEN.1.1": 1,
"FAU_GEN.1.2": 1,
"FAU_GEN.2": 4,
"FAU_GEN.2.1": 1,
"FAU_STG_EXT.1": 4,
"FAU_STG_EXT.1.1": 1,
"FAU_STG_EXT.1.2": 1,
"FAU_STG_EXT.1.3": 1
},
"FCS": {
"FCS_CKM": 3,
"FCS_CKM.1": 6,
"FCS_CKM.1.1": 2,
"FCS_CKM.2": 5,
"FCS_CKM.2.1": 1,
"FCS_CKM.4": 5,
"FCS_CKM.4.1": 1,
"FCS_COP": 22,
"FCS_COP.1": 4,
"FCS_NTP_EXT.1.4": 1,
"FCS_RBG_EXT.1": 6,
"FCS_RBG_EXT.1.1": 1,
"FCS_RBG_EXT.1.2": 1,
"FCS_TLSC_EXT.2.3": 1,
"FCS_TLSS_EXT.1": 6,
"FCS_TLSS_EXT.1.1": 1,
"FCS_TLSS_EXT.1.2": 1,
"FCS_TLSS_EXT.1.3": 1,
"FCS_TLSS_EXT.1.4": 1
},
"FDP": {
"FDP_RIP.2": 4,
"FDP_RIP.2.1": 1
},
"FIA": {
"FIA_AFL.1": 7,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_PMG_EXT.1": 6,
"FIA_PMG_EXT.1.1": 1,
"FIA_PSK_EXT.1": 1,
"FIA_PSK_EXT.1.1": 1,
"FIA_PSK_EXT.3": 4,
"FIA_UAU.7": 3,
"FIA_UAU.7.1": 1,
"FIA_UAU_EXT.2": 4,
"FIA_UAU_EXT.2.1": 1,
"FIA_UIA_EXT.1": 4,
"FIA_UIA_EXT.1.1": 1,
"FIA_UIA_EXT.1.2": 1
},
"FMT": {
"FMT_MOF": 8,
"FMT_MOF.1": 2,
"FMT_MTD": 8,
"FMT_MTD.1": 2,
"FMT_SMF": 12,
"FMT_SMF.1": 7,
"FMT_SMF.1.1": 1,
"FMT_SMR.2": 3,
"FMT_SMR.2.1": 1,
"FMT_SMR.2.2": 1,
"FMT_SMR.2.3": 1
},
"FPT": {
"FPT_APW_EXT.1": 4,
"FPT_APW_EXT.1.1": 1,
"FPT_APW_EXT.1.2": 1,
"FPT_FLS": 4,
"FPT_FLS.1": 1,
"FPT_SKP_EXT.1": 4,
"FPT_SKP_EXT.1.1": 1,
"FPT_STM_EXT.1": 5,
"FPT_STM_EXT.1.1": 1,
"FPT_STM_EXT.1.2": 1,
"FPT_TST_EXT.1": 4,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.3": 3,
"FPT_TST_EXT.3.1": 1,
"FPT_TST_EXT.3.2": 1,
"FPT_TUD_EXT.1": 4,
"FPT_TUD_EXT.1.1": 1,
"FPT_TUD_EXT.1.2": 1,
"FPT_TUD_EXT.1.3": 1
},
"FTA": {
"FTA_SSL.3": 3,
"FTA_SSL.3.1": 1,
"FTA_SSL.4": 4,
"FTA_SSL.4.1": 1,
"FTA_SSL_EXT.1": 4,
"FTA_SSL_EXT.1.1": 1,
"FTA_TAB.1": 4,
"FTA_TAB.1.1": 1
},
"FTP": {
"FTP_ITC": 5,
"FTP_ITC.1": 10,
"FTP_ITC.1.1": 1,
"FTP_ITC.1.2": 1,
"FTP_ITC.1.3": 1,
"FTP_TRP": 5,
"FTP_TRP.1": 3
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"GCM": {
"GCM": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"IKE": {
"IKE": 12,
"IKEv2": 20
},
"IPsec": {
"IPsec": 32
},
"SSH": {
"SSH": 6
},
"TLS": {
"DTLS": {
"DTLS": 2
},
"SSL": {
"SSL": 1,
"SSL 2.0": 2,
"SSL 3.0": 2
},
"TLS": {
"TLS": 33,
"TLS 1.0": 2,
"TLS 1.1": 2,
"TLS 1.2": 2,
"TLS1.1": 1,
"TLS1.2": 1
}
},
"VPN": {
"VPN": 147
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 1
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 58,
"P-384": 60,
"P-521": 54,
"secp256r1": 2,
"secp384r1": 2,
"secp521r1": 2
}
},
"eval_facility": {
"Acumen": {
"Acumen Security": 1
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 8
},
"SHA2": {
"SHA-256": 10,
"SHA-384": 3,
"SHA-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 10
},
"RNG": {
"RBG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS PUB 186-4": 19,
"FIPS186-4": 27
},
"ISO": {
"ISO/IEC 10118-": 1,
"ISO/IEC 14888-3": 2,
"ISO/IEC 18031:2011": 3,
"ISO/IEC 9796-2": 2
},
"NIST": {
"NIST SP 800-90": 1
},
"PKCS": {
"PKCS #1": 2,
"PKCS 1": 6
},
"RFC": {
"RFC 2460": 1,
"RFC 2463": 1,
"RFC 2818": 2,
"RFC 2986": 1,
"RFC 3447": 1,
"RFC 3513": 2,
"RFC 3526": 7,
"RFC 3602": 4,
"RFC 4301": 2,
"RFC 4303": 1,
"RFC 4346": 1,
"RFC 4443": 1,
"RFC 4492": 4,
"RFC 4868": 1,
"RFC 4945": 2,
"RFC 5077": 3,
"RFC 5114": 2,
"RFC 5246": 3,
"RFC 5280": 3,
"RFC 5282": 1,
"RFC 5289": 8,
"RFC 5735": 2,
"RFC 5996": 2,
"RFC 6960": 1,
"RFC 768": 3,
"RFC 791": 3,
"RFC 792": 2,
"RFC 793": 3,
"RFC 8017": 1,
"RFC 8200": 2
},
"X509": {
"X.509": 8
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 11,
"AES-": 1,
"AES-128": 2,
"AES-256": 3
}
},
"constructions": {
"MAC": {
"HMAC": 4,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 5,
"HMAC-SHA-512": 5
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": 2,
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": 2,
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 2,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": 2,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384": 2,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 2,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 2,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 2,
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 2,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 2,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 2,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 2
}
},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Shehan Dissanayake",
"/CreationDate": "D:20250113095601-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20250113095601-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"/Title": "Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances Security Target v1.0",
"pdf_file_size_bytes": 834721,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17580",
"https://www.mysonicwall.com/",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=15045",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17728"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 85
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_CPP_FW_v1.4e.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.2E.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_IPS_v1.0.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_VPNGW_v1.3.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11473-vr.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": []
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11473-st.pdf",
"state": {
"_type": "sec_certs.sample.cc_eucc_common.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": false,
"json_hash": null,
"pdf_hash": "14281fbacdd153faf3cd6805c588ddb6ee0054e5e6f4edfdfe43214df23a59ce",
"txt_hash": "3b1d8f5a142ca27336bbd45bb32971df16f459882a43de2cb490f46ff1995669"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "05fb98b2550d9e09e7fda849f739a2357bea49f8391a1cdd5492d9e3b1404381",
"txt_hash": "b06eb12a585aa6da7597892bbedef489455190efb6061cdbb53f87ac207643c9"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "96625abe7456608dff0d6ecf277cee8c59f93f33620c8af26206e6a20a046374",
"txt_hash": "0c0ae5f2a2d113ce58040cd5471e54b9e6265b50bda41938f6cde898eabb92e5"
}
},
"status": "active"
}