This page was not yet optimized for use on mobile
devices.
Cisco Catalyst 8500 Series Edge Routers (Cat8500) running IOS-XE 17.15
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.CSV information
| Status | active |
|---|---|
| Valid from | 29.08.2025 |
| Valid until | 29.08.2027 |
| Scheme | 🇺🇸 US |
| Manufacturer | Cisco Systems, Inc. |
| Category | Network and Network-Related Devices and Systems |
| Security level | |
| Protection profiles |
Heuristics summary
Certificate ID: CCEVS-VR-VID-11637-2025
Certificate
Extracted keywords
Protocols
SSH, VPNVendor
Cisco Systems, Inc, CiscoCertificates
CCEVS-VR-VID11637-2025Evaluation facilities
Lightship SecurityFile metadata
| Title | VID11637-FINAL CERT |
|---|---|
| Pages | 1 |
| Producer | WeasyPrint 62.3 |
Certification report
Extracted keywords
Symmetric Algorithms
AES, AES-, HMAC, CMACAsymmetric Algorithms
ECDSA, ECC, DHHash functions
SHA-1, SHA-256, SHA-512Schemes
MAC, Key Exchange, Key exchange, Key Agreement, AEADProtocols
SSH, SSHv2, IKEv2, IKE, IPsec, VPNRandomness
DRBG, RBGLibraries
OpenSSLElliptic Curves
P-256, P-521Block cipher modes
ECB, GCMVendor
Broadcom, Cisco, Cisco Systems, IncSecurity Functional Requirements (SFR)
FCS_COP, FCS_CKM.1, FCS_CKM, FCS_CKM.2, FCS_RBG_EXT, FCS_MKA_EXT.1, FTP_ITC.1Certificates
CCEVS-VR-VID11637-2025Evaluation facilities
Lightship SecurityStandards
SP 800-90, RFC 5280, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004File metadata
| Author | Chris Thorpe |
|---|---|
| Creation date | D:20250903122344-04'00' |
| Modification date | D:20250903122344-04'00' |
| Pages | 30 |
| Creator | Microsoft® Word 2019 |
| Producer | Microsoft® Word 2019 |
Frontpage
| Certificate ID | CCEVS-VR-VID11637-2025 |
|---|---|
| Certified item | for the Cisco Catalyst 8500 Series Edge Routers (Cat8500) running IOS-XE 17.15 |
| Certification lab | US NIAP |
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-128, AES-256, AES-, DES, 3DES, HMAC, HMAC-SHA-256, HMAC-SHA-512, HMAC-SHA-384, CMACAsymmetric Algorithms
ECDSA, ECC, DH, Diffie-HellmanHash functions
SHA-1, SHA-256, SHA-512, SHA-384, SHA256Schemes
MAC, Key Exchange, Key exchange, Key Agreement, AEADProtocols
SSH, SSHv2, SSL, TLS, TLS 1.2, IKE, IKEv2, IPsec, VPNRandomness
DRBG, RNG, RBGElliptic Curves
P-256, P-521, P-384Block cipher modes
ECB, CBC, CTR, GCMTrusted Execution Environments
SSCVendor
Broadcom, Cisco Systems, Inc, CiscoClaims
O.ADDRESS_FILTERING, O.AUTHENTICATION, O.CRYPTOGRAPHIC_FUNCTIONS, O.FAIL_SECURE, O.PORT_FILTERING, O.SYSTEM_MONITORING, O.TOE_ADMINISTRATION, O.AUTHORIZED_ADMINISTRATION, O.AUTHENTICATION_MACSEC, O.CRYPTOGRAPHIC_FUNCTIONS_MACSEC, O.PORT_FILTERING_MACSEC, O.REPLAY_DETECTION, O.SYSTEM_MONITORING_MACSEC, O.TSF_INTEGRITY, T.UNAUTHORIZED_ADMINISTRATOR_ACCESS, T.WEAK_CRYPTOGRAPHY, T.UNTRUSTED_COMMUNICATION_CHANNELS, T.WEAK_AUTHENTICATION_ENDPOINTS, T.UPDATE_COMPROMISE, T.UNDETECTED_ACTIVITY, T.SECURITY_FUNCTIONALITY_COMPROMISE, T.SECURITY_FUNCTIONALITY_FAILURE, T.DATA_INTEGRITY, T.NETWORK_ACCESS, T.NETWORK_DISCLOSURE, T.NETWORK_MISUSE, T.REPLAY_ATTACK, T.UNTRUSTED_MACSEC_COMMUNICATION_CHANNELS, A.CONNECTIONS, A.PHYSICAL_PROTECTION, A.LIMITED_FUNCTIONALITY, A.NO_THRU_TRAFFIC_PROTECTION, A.TRUSTED_ADMINISTRATOR, A.REGULAR_UPDATES, A.ADMIN_CREDENTIALS_SECURE, A.RESIDUAL_INFORMATION, OE.PHYSICAL, OE.NO_GENERAL_PURPOSE, OE.NO_THRU_TRAFFIC_PROTECTION, OE.TRUSTED_ADMIN, OE.UPDATES, OE.ADMIN_CREDENTIALS_SECURE, OE.RESIDUAL_INFORMATION, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_CMC.1, ALC_CMS.1, ALC_FLR.2, ATE_IND.1, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN, FAU_GEN.2, FAU_STG.1, FAU_STG_EXT.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_STG.1.1, FAU_STG.1.2, FAU_STG_EXT.1.1, FAU_STG_EXT.1.2, FAU_STG_EXT.1.3, FAU_STG_EXT.1.4, FAU_STG_EXT.1.5, FAU_STG_EXT.1.6, FCS_COP, FCS_CKM.1, FCS_CKM, FCS_CKM.2, FCS_RBG_EXT, FCS_CKM.4, FCS_MKA_EXT.1, FCS_NTP_EXT.1, FCS_SSH_EXT.1, FCS_SSHS_EXT.1, FCS_RBG_EXT.1, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4.1, FCS_COP.1, FCS_MKA_EXT.1.1, FCS_MKA_EXT.1.2, FCS_MKA_EXT.1.3, FCS_MKA_EXT.1.4, FCS_MKA_EXT.1.5, FCS_MKA_EXT.1.6, FCS_MKA_EXT.1.7, FCS_NTP_EXT.1.1, FCS_NTP_EXT.1.2, FCS_NTP_EXT.1.3, FCS_NTP_EXT.1.4, FCS_SSH_EXT.1.1, FCS_SSH_EXT.1.2, FCS_SSH_EXT.1.3, FCS_SSH_EXT.1.4, FCS_SSH_EXT.1.5, FCS_SSH_EXT.1.6, FCS_SSH_EXT.1.7, FCS_SSH_EXT.1.8, FCS_SSHS_EXT.1.1, FCS_RBG_EXT.1.1, FCS_RBG_EXT.1.2, FCS_SSHS_EXT.1.3, FIA_AFL.1, FIA_PMG_EXT.1, FIA_PSK_EXT.1, FIA_PSK_EXT.2, FIA_UIA_EXT.1, FIA_UAU.7, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PMG_EXT.1.1, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1.2, FIA_PSK_EXT.2.1, FIA_UIA_EXT.1.1, FIA_UIA_EXT.1.2, FIA_UIA_EXT.1.3, FIA_UIA_EXT.1.4, FIA_UAU.7.1, FIA_PSK_EXT.3, FMT_MOF, FMT_MTD, FMT_SMF.1, FMT_SMF, FMT_SMR.2, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1.1, FMT_SMR.2.1, FMT_SMR.2.2, FMT_SMR.2.3, FPT_APW_EXT.1, FPT_FLS.1, FPT_FLS, FPT_SKP_EXT.1, FPT_STM_EXT.1, FPT_TST_EXT.1, FPT_TST_EXT.3, FPT_TUD_EXT.1, FPT_RPL.1, FPT_RPL_EXT.1, FPT_CAK_EXT.1, FPT_APW_EXT.1.1, FPT_APW_EXT.1.2, FPT_FLS.1.1, FPT_SKP_EXT, FPT_SKP_EXT.1.1, FPT_STM_EXT.1.1, FPT_STM_EXT.1.2, FPT_TST_EXT, FPT_TST_EXT.1.1, FPT_TST_EXT.1.2, FPT_TST_EXT.3.1, FPT_TST_EXT.3.2, FPT_TUD_EXT.1.1, FPT_TUD_EXT.1.2, FPT_TUD_EXT.1.3, FPT_RPL.1.1, FPT_RPL_EXT.1.1, FPT_RPL_EXT.1.2, FPT_CAK_EXT.1.1, FPT_ITC, FTA_SSL_EXT.1, FTA_SSL.3, FTA_SSL.4, FTA_TAB.1, FTA_SSL_EXT.1.1, FTA_SSL.4.1, FTP_ITC.1, FTP_ITC, FTP_TRP, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1Standards
FIPS PUB 186-4, FIPS PUB 186-5, FIPS 140-2, FIPS PUB 140-2, FIPS PUB 198-1, FIPS PUB 180-3, FIPS 186-4, SP 800-90, NIST SP 800-186, NIST SP 800-38B, NIST SP 800-38F, NIST SP 800-56A, NIST SP 800-57, NIST SP 800-90A, PKCS #1, PKCS12, RFC 5280, RFC 3526, RFC 4301, RFC 4303, RFC 3602, RFC 4106, RFC 7296, RFC 4868, RFC 5282, RFC 5114, RFC 4945, RFC 8784, RFC 5905, RFC 4252, RFC 8332, RFC 5656, RFC 4253, RFC 5647, RFC 6668, RFC 5759, RFC 2986, RFC 791, RFC 8200, RFC 793, RFC 768, RFC 8603, ISO/IEC 14888-3, ISO/IEC 9796-2, ISO/IEC 18031:2011, X.509File metadata
| Title | ST |
|---|---|
| Author | Cisco CC TME |
| Creation date | D:20250903123106-04'00' |
| Modification date | D:20250903123106-04'00' |
| Pages | 84 |
| Creator | Microsoft® Word 2019 |
| Producer | Microsoft® Word 2019 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
CCEVS-VR-VID-11637-2025Extracted SARs
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ALC_FLR.2, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1, ATE_IND.1, AVA_VAN.1CPE matches
- cpe:2.3:o:cisco:ios_xe:17.15.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.1y:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.1z:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.3a:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.3b:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:17.15.4:*:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on | ||
|---|---|---|---|---|---|---|
| Base | Exploitability | Impact | ||||
| CVE-2025-20162 | HIGH | 8.6 | 4.0 | 07.05.2025 | ||
| CVE-2025-20169 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20170 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20171 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20172 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20173 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20175 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20176 | HIGH | 7.7 | 4.0 | 05.02.2025 | ||
| CVE-2025-20194 | MEDIUM | 5.4 | 2.5 | 07.05.2025 | ||
| CVE-2025-20197 | HIGH | 8.2 | 6.0 | 07.05.2025 | ||
| CVE-2025-20198 | HIGH | 8.2 | 6.0 | 07.05.2025 | ||
| CVE-2025-20199 | HIGH | 8.2 | 6.0 | 07.05.2025 | ||
| CVE-2025-20200 | HIGH | 8.2 | 6.0 | 07.05.2025 | ||
| CVE-2025-20201 | MEDIUM | 6.7 | 5.9 | 07.05.2025 | ||
| CVE-2025-20202 | HIGH | 7.4 | 4.0 | 07.05.2025 | ||
| CVE-2025-20221 | CRITICAL | 9.1 | 5.2 | 07.05.2025 | ||
| CVE-2025-20338 | MEDIUM | 6.7 | 5.9 | 24.09.2025 | ||
| CVE-2025-20352 | HIGH | 7.7 | 4.0 | 24.09.2025 | ||
Showing 5 out of 18.
Similar certificates
Showing 5 out of 9.
Scheme data
| Product | Cisco Catalyst 8500 Series Edge Routers (Cat8500) running IOS-XE 17.15 | |
|---|---|---|
| Id | CCEVS-VR-VID11637-2025 | |
| Url | https://www.niap-ccevs.org/products/11637 | |
| Api Url | https://www.niap-ccevs.org/api/project/product/pcl_products/11637/ | |
| Certification Date | 29.08.2025 | |
| Expiration Date | None | |
| Category | Network Device | |
| Categories | ['Network Device', 'Network Encryption', 'Remote Access', 'Virtual Private Network'] | |
| Vendor | Cisco Systems, Inc. | |
| Evaluation Facility | Lightship Security USA, Inc. | |
| Scheme | US | |
| Cert Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35570 | |
| Target Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35571 | |
| Report Link | https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35572 | |
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Network and Network-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11637-ci.pdf",
"dgst": "8e3b766f2b68e30d",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "CCEVS-VR-VID-11637-2025",
"cert_lab": [
"US"
],
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:o:cisco:ios_xe:17.15.3b:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.1y:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.1z:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:ios_xe:17.15.3a:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"eal": "EAL1",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"17.15"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"4704bfbdf61ca066",
"51ed84742f89c3f7",
"e2ad7e4a892e3703",
"ed9c9d74c3710878"
]
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2025-20197",
"CVE-2025-20200",
"CVE-2025-20170",
"CVE-2025-20162",
"CVE-2025-20202",
"CVE-2025-20175",
"CVE-2025-20198",
"CVE-2025-20352",
"CVE-2025-20176",
"CVE-2025-20221",
"CVE-2025-20169",
"CVE-2025-20201",
"CVE-2025-20199",
"CVE-2025-20172",
"CVE-2025-20338",
"CVE-2025-20171",
"CVE-2025-20194",
"CVE-2025-20173"
]
},
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"api_url": "https://www.niap-ccevs.org/api/project/product/pcl_products/11637/",
"categories": [
"Network Device",
"Network Encryption",
"Remote Access",
"Virtual Private Network"
],
"category": "Network Device",
"cert_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35570",
"certification_date": "2025-08-29",
"evaluation_facility": "Lightship Security USA, Inc.",
"expiration_date": null,
"id": "CCEVS-VR-VID11637-2025",
"product": "Cisco Catalyst 8500 Series Edge Routers (Cat8500) running IOS-XE 17.15",
"report_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35572",
"scheme": "US",
"target_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=35571",
"url": "https://www.niap-ccevs.org/products/11637",
"vendor": "Cisco Systems, Inc."
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Cisco Systems, Inc.",
"manufacturer_web": "https://www.cisco.com",
"name": "Cisco Catalyst 8500 Series Edge Routers (Cat8500) running IOS-XE 17.15",
"not_valid_after": "2027-08-29",
"not_valid_before": "2025-08-29",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "st_vid11637-ci.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"US": {
"CCEVS-VR-VID11637-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 1
},
"VPN": {
"VPN": 1
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Lightship": {
"Lightship Security": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 1,
"Cisco Systems, Inc": 1
}
},
"vulnerability": {}
},
"cert_metadata": {
"/Producer": "WeasyPrint 62.3",
"/Title": "VID11637-FINAL CERT",
"pdf_file_size_bytes": 134869,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 1
},
"report_filename": "st_vid11637-vr.pdf",
"report_frontpage": {
"US": {
"cert_id": "CCEVS-VR-VID11637-2025",
"cert_item": "for the Cisco Catalyst 8500 Series Edge Routers (Cat8500) running IOS-XE 17.15",
"cert_lab": "US NIAP"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDSA": {
"ECDSA": 3
}
},
"FF": {
"DH": {
"DH": 2
}
}
},
"cc_cert_id": {
"US": {
"CCEVS-VR-VID11637-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {},
"cc_security_level": {},
"cc_sfr": {
"FCS": {
"FCS_CKM": 3,
"FCS_CKM.1": 3,
"FCS_CKM.2": 2,
"FCS_COP": 8,
"FCS_MKA_EXT.1": 1,
"FCS_RBG_EXT": 1
},
"FTP": {
"FTP_ITC.1": 1
}
},
"certification_process": {},
"cipher_mode": {
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"IKE": {
"IKE": 2,
"IKEv2": 2
},
"IPsec": {
"IPsec": 30
},
"SSH": {
"SSH": 19,
"SSHv2": 5
},
"VPN": {
"VPN": 17
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 1
},
"KEX": {
"Key Exchange": 1,
"Key exchange": 3
},
"MAC": {
"MAC": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 6,
"P-521": 2
}
},
"eval_facility": {
"Lightship": {
"Lightship Security": 6
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-256": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 1
},
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
},
"NIST": {
"SP 800-90": 1
},
"RFC": {
"RFC 5280": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 6,
"AES-": 2
}
},
"constructions": {
"MAC": {
"CMAC": 2,
"HMAC": 2
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 4
},
"Cisco": {
"Cisco": 33,
"Cisco Systems, Inc": 2
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Chris Thorpe",
"/CreationDate": "D:20250903122344-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20250903122344-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"pdf_file_size_bytes": 511566,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.cisco.com/security/",
"https://www.cvedetails.com/vulnerability-search.php",
"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 30
},
"st_filename": "st_vid11637-st.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 4
},
"ECDSA": {
"ECDSA": 19
}
},
"FF": {
"DH": {
"DH": 20,
"Diffie-Hellman": 12
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.ADMIN_CREDENTIALS_SECURE": 1,
"A.CONNECTIONS": 1,
"A.LIMITED_FUNCTIONALITY": 1,
"A.NO_THRU_TRAFFIC_PROTECTION": 1,
"A.PHYSICAL_PROTECTION": 2,
"A.REGULAR_UPDATES": 1,
"A.RESIDUAL_INFORMATION": 1,
"A.TRUSTED_ADMINISTRATOR": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.AUTHENTICATION": 1,
"O.AUTHENTICATION_MACSEC": 1,
"O.AUTHORIZED_ADMINISTRATION": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS_MACSEC": 1,
"O.FAIL_SECURE": 1,
"O.PORT_FILTERING": 1,
"O.PORT_FILTERING_MACSEC": 1,
"O.REPLAY_DETECTION": 1,
"O.SYSTEM_MONITORING": 1,
"O.SYSTEM_MONITORING_MACSEC": 1,
"O.TOE_ADMINISTRATION": 1,
"O.TSF_INTEGRITY": 1
},
"OE": {
"OE.ADMIN_CREDENTIALS_SECURE": 1,
"OE.CONNECTIONS": 1,
"OE.NO_GENERAL_PURPOSE": 1,
"OE.NO_THRU_TRAFFIC_PROTECTION": 1,
"OE.PHYSICAL": 1,
"OE.RESIDUAL_INFORMATION": 1,
"OE.TRUSTED_ADMIN": 1,
"OE.UPDATES": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.NETWORK_ACCESS": 1,
"T.NETWORK_DISCLOSURE": 1,
"T.NETWORK_MISUSE": 1,
"T.REPLAY_ATTACK": 1,
"T.SECURITY_FUNCTIONALITY_COMPROMISE": 1,
"T.SECURITY_FUNCTIONALITY_FAILURE": 1,
"T.UNAUTHORIZED_ADMINISTRATOR_ACCESS": 1,
"T.UNDETECTED_ACTIVITY": 1,
"T.UNTRUSTED_COMMUNICATION_CHANNELS": 1,
"T.UNTRUSTED_MACSEC_COMMUNICATION_CHANNELS": 1,
"T.UPDATE_COMPROMISE": 1,
"T.WEAK_AUTHENTICATION_ENDPOINTS": 1,
"T.WEAK_CRYPTOGRAPHY": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_FSP.1": 4
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 2,
"AGD_PRE": 1,
"AGD_PRE.1": 2
},
"ALC": {
"ALC_CMC.1": 2,
"ALC_CMS.1": 2,
"ALC_FLR.2": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.1": 1,
"ASE_REQ.1": 1,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_IND.1": 2
},
"AVA": {
"AVA_VAN.1": 2
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN": 7,
"FAU_GEN.1": 9,
"FAU_GEN.1.1": 1,
"FAU_GEN.1.2": 2,
"FAU_GEN.2": 4,
"FAU_GEN.2.1": 1,
"FAU_STG.1": 3,
"FAU_STG.1.1": 1,
"FAU_STG.1.2": 1,
"FAU_STG_EXT.1": 6,
"FAU_STG_EXT.1.1": 1,
"FAU_STG_EXT.1.2": 1,
"FAU_STG_EXT.1.3": 1,
"FAU_STG_EXT.1.4": 1,
"FAU_STG_EXT.1.5": 1,
"FAU_STG_EXT.1.6": 1
},
"FCS": {
"FCS_CKM": 7,
"FCS_CKM.1": 8,
"FCS_CKM.1.1": 1,
"FCS_CKM.2": 6,
"FCS_CKM.2.1": 1,
"FCS_CKM.4": 5,
"FCS_CKM.4.1": 1,
"FCS_COP": 33,
"FCS_COP.1": 6,
"FCS_MKA_EXT.1": 3,
"FCS_MKA_EXT.1.1": 1,
"FCS_MKA_EXT.1.2": 1,
"FCS_MKA_EXT.1.3": 1,
"FCS_MKA_EXT.1.4": 1,
"FCS_MKA_EXT.1.5": 1,
"FCS_MKA_EXT.1.6": 1,
"FCS_MKA_EXT.1.7": 3,
"FCS_NTP_EXT.1": 3,
"FCS_NTP_EXT.1.1": 1,
"FCS_NTP_EXT.1.2": 1,
"FCS_NTP_EXT.1.3": 1,
"FCS_NTP_EXT.1.4": 1,
"FCS_RBG_EXT": 1,
"FCS_RBG_EXT.1": 5,
"FCS_RBG_EXT.1.1": 1,
"FCS_RBG_EXT.1.2": 1,
"FCS_SSHS_EXT.1": 3,
"FCS_SSHS_EXT.1.1": 1,
"FCS_SSHS_EXT.1.3": 1,
"FCS_SSH_EXT.1": 5,
"FCS_SSH_EXT.1.1": 2,
"FCS_SSH_EXT.1.2": 1,
"FCS_SSH_EXT.1.3": 1,
"FCS_SSH_EXT.1.4": 1,
"FCS_SSH_EXT.1.5": 1,
"FCS_SSH_EXT.1.6": 1,
"FCS_SSH_EXT.1.7": 1,
"FCS_SSH_EXT.1.8": 1
},
"FIA": {
"FIA_AFL.1": 6,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_PMG_EXT.1": 4,
"FIA_PMG_EXT.1.1": 1,
"FIA_PSK_EXT.1": 8,
"FIA_PSK_EXT.1.1": 3,
"FIA_PSK_EXT.1.2": 2,
"FIA_PSK_EXT.2": 3,
"FIA_PSK_EXT.2.1": 1,
"FIA_PSK_EXT.3": 2,
"FIA_UAU.7": 4,
"FIA_UAU.7.1": 1,
"FIA_UIA_EXT.1": 3,
"FIA_UIA_EXT.1.1": 1,
"FIA_UIA_EXT.1.2": 1,
"FIA_UIA_EXT.1.3": 3,
"FIA_UIA_EXT.1.4": 1
},
"FMT": {
"FMT_MOF": 14,
"FMT_MOF.1": 1,
"FMT_MTD": 9,
"FMT_MTD.1": 1,
"FMT_SMF": 7,
"FMT_SMF.1": 6,
"FMT_SMF.1.1": 2,
"FMT_SMR.2": 4,
"FMT_SMR.2.1": 1,
"FMT_SMR.2.2": 1,
"FMT_SMR.2.3": 1
},
"FPT": {
"FPT_APW_EXT.1": 4,
"FPT_APW_EXT.1.1": 1,
"FPT_APW_EXT.1.2": 1,
"FPT_CAK_EXT.1": 3,
"FPT_CAK_EXT.1.1": 1,
"FPT_FLS": 3,
"FPT_FLS.1": 4,
"FPT_FLS.1.1": 1,
"FPT_ITC": 1,
"FPT_RPL.1": 6,
"FPT_RPL.1.1": 1,
"FPT_RPL_EXT.1": 2,
"FPT_RPL_EXT.1.1": 1,
"FPT_RPL_EXT.1.2": 1,
"FPT_SKP_EXT": 1,
"FPT_SKP_EXT.1": 3,
"FPT_SKP_EXT.1.1": 1,
"FPT_STM_EXT.1": 5,
"FPT_STM_EXT.1.1": 1,
"FPT_STM_EXT.1.2": 1,
"FPT_TST_EXT": 2,
"FPT_TST_EXT.1": 4,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.1.2": 1,
"FPT_TST_EXT.3": 3,
"FPT_TST_EXT.3.1": 1,
"FPT_TST_EXT.3.2": 1,
"FPT_TUD_EXT.1": 4,
"FPT_TUD_EXT.1.1": 1,
"FPT_TUD_EXT.1.2": 1,
"FPT_TUD_EXT.1.3": 1
},
"FTA": {
"FTA_SSL.3": 6,
"FTA_SSL.4": 3,
"FTA_SSL.4.1": 1,
"FTA_SSL_EXT.1": 5,
"FTA_SSL_EXT.1.1": 1,
"FTA_TAB.1": 6
},
"FTP": {
"FTP_ITC": 6,
"FTP_ITC.1": 12,
"FTP_ITC.1.2": 1,
"FTP_ITC.1.3": 1,
"FTP_TRP": 4,
"FTP_TRP.1": 3
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 37,
"IKEv2": 22
},
"IPsec": {
"IPsec": 94
},
"SSH": {
"SSH": 67,
"SSHv2": 14
},
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 1,
"TLS 1.2": 1
}
},
"VPN": {
"VPN": 52
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 10
},
"KEX": {
"Key Exchange": 3,
"Key exchange": 3
},
"MAC": {
"MAC": 15
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 16,
"P-384": 10,
"P-521": 6
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 5,
"SHA-384": 2,
"SHA-512": 4,
"SHA256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 7
},
"RNG": {
"RBG": 4,
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 2,
"FIPS 186-4": 1,
"FIPS PUB 140-2": 1,
"FIPS PUB 180-3": 2,
"FIPS PUB 186-4": 8,
"FIPS PUB 186-5": 9,
"FIPS PUB 198-1": 1
},
"ISO": {
"ISO/IEC 14888-3": 3,
"ISO/IEC 18031:2011": 3,
"ISO/IEC 9796-2": 2
},
"NIST": {
"NIST SP 800-186": 1,
"NIST SP 800-38B": 3,
"NIST SP 800-38F": 2,
"NIST SP 800-56A": 2,
"NIST SP 800-57": 1,
"NIST SP 800-90A": 1,
"SP 800-90": 2
},
"PKCS": {
"PKCS #1": 2,
"PKCS12": 1
},
"RFC": {
"RFC 2986": 1,
"RFC 3526": 5,
"RFC 3602": 6,
"RFC 4106": 5,
"RFC 4252": 2,
"RFC 4253": 4,
"RFC 4301": 2,
"RFC 4303": 2,
"RFC 4868": 1,
"RFC 4945": 1,
"RFC 5114": 2,
"RFC 5280": 5,
"RFC 5282": 1,
"RFC 5647": 1,
"RFC 5656": 8,
"RFC 5759": 1,
"RFC 5905": 1,
"RFC 6668": 2,
"RFC 7296": 2,
"RFC 768": 2,
"RFC 791": 2,
"RFC 793": 2,
"RFC 8200": 2,
"RFC 8332": 4,
"RFC 8603": 1,
"RFC 8784": 3
},
"X509": {
"X.509": 9
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 44,
"AES-": 2,
"AES-128": 1,
"AES-256": 2
}
},
"DES": {
"3DES": {
"3DES": 1
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"CMAC": 6,
"HMAC": 9,
"HMAC-SHA-256": 5,
"HMAC-SHA-384": 4,
"HMAC-SHA-512": 7
}
}
},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 2
},
"Cisco": {
"Cisco": 53,
"Cisco Systems, Inc": 4
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Cisco CC TME",
"/CreationDate": "D:20250903123106-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20250903123106-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"/Title": "ST",
"pdf_file_size_bytes": 873673,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html",
"http://www.cisco.com/cisco/software/navigator.html",
"https://www.niap-ccevs.org/static_html/protection-profile/481/481/index.html#period_81",
"http://www.cisco.com/",
"http://www.cisco.com/en/US/partner/docs/general/whatsnew/whatsnew.html"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 84
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pkg_ssh_v1.0.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_MACSEC_V1.0.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/NDcPP_v3_0e.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_VPNGW_v1.3.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11637-vr.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": []
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11637-st.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "2bab299b7fb9df9b3ce1005a403194a8652de27b1ee71fd3c8700a433f8b982c",
"txt_hash": "6890c96532d4c29b5e6fea830d9aeb3e183d5b80065ebe70924572e0fdaf3495"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "b6cf5433fd77a4a48f2ca88794e884428b7140f6c6369070c9cbeefa590f854e",
"txt_hash": "e674b981c18d677a7bcd5cfab6973d0c150cd5d0eb2b86bfd290939d4eb834c7"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "32b2ff46c2d8966c0eb9f0f97b9de61ff764f60cf7f8cc45e25c5d8de9dae744",
"txt_hash": "96520be6ae1fd9cd01755f289c82452e1e5463d2498f3b2df6654ad3d686d46e"
}
},
"status": "active"
}