This page was not yet optimized for use on mobile
devices.
Cisco ASA and ISA Firepower Threat Defense Cryptographic Modules
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.Certificate #3823
Webpage information
Security policy
Symmetric Algorithms
AES-256, AES, RC4, DES, Triple-DES, HMACAsymmetric Algorithms
RSA 2048, ECDH, ECDSA, Diffie-Hellman, DHHash functions
SHA-512, MD5Protocols
SSHv2, SSH, SSL, TLSv1.2, TLS, IKE, IKEv2, IPsec, VPNRandomness
DRBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, GCMVendor
Cisco, Cisco Systems, Inc, Cisco SystemsSecurity level
Level 2, Level 1, level 2Certification process
out of scope, this Copyright Notice. and any additional requirement per the site security policy which are out of scope of this Security Policy. The Crypto Officer shall inspect the seals for evidence of tamper asStandards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, FIPS 186-4, SP 800-90A, SP 800-52, RFC 5288, RFC 7296, RFC 5246, RFC 4253, RFC 6071File metadata
| Title | CISCO 831 Security Policy |
|---|---|
| Subject | FIPS 140-2 Security Policy |
| Author | Scott Shorter |
| Creation date | D:20201111150258-05'00' |
| Modification date | D:20201111150258-05'00' |
| Pages | 25 |
| Creator | Microsoft® Word 2016 |
| Producer | Microsoft® Word 2016 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
- cpe:2.3:a:cisco:asa_firepower:6.4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on | ||
|---|---|---|---|---|---|---|
| Base | Exploitability | Impact | ||||
| CVE-2019-12673 | HIGH | 7.5 | 3.6 | 02.10.2019 | ||
| CVE-2019-12674 | HIGH | 8.2 | 6.0 | 02.10.2019 | ||
| CVE-2019-12675 | HIGH | 8.8 | 6.0 | 02.10.2019 | ||
| CVE-2019-12676 | HIGH | 7.4 | 4.0 | 02.10.2019 | ||
| CVE-2019-12678 | HIGH | 7.5 | 3.6 | 02.10.2019 | ||
| CVE-2019-12694 | MEDIUM | 6.7 | 5.9 | 02.10.2019 | ||
| CVE-2019-12695 | MEDIUM | 6.1 | 2.7 | 02.10.2019 | ||
| CVE-2019-12698 | HIGH | 7.5 | 3.6 | 02.10.2019 | ||
| CVE-2019-1669 | HIGH | 8.6 | 4.0 | 24.01.2019 | ||
| CVE-2019-1970 | HIGH | 7.5 | 3.6 | 08.08.2019 | ||
| CVE-2019-1978 | MEDIUM | 5.8 | 1.4 | 05.11.2019 | ||
| CVE-2019-1980 | MEDIUM | 5.3 | 1.4 | 05.11.2019 | ||
| CVE-2019-1981 | MEDIUM | 5.8 | 1.4 | 05.11.2019 | ||
| CVE-2020-3179 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3186 | MEDIUM | 5.3 | 1.4 | 06.05.2020 | ||
| CVE-2020-3187 | CRITICAL | 9.1 | 5.2 | 06.05.2020 | ||
| CVE-2020-3188 | MEDIUM | 5.3 | 1.4 | 06.05.2020 | ||
| CVE-2020-3191 | HIGH | 8.6 | 4.0 | 06.05.2020 | ||
| CVE-2020-3195 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3196 | HIGH | 8.6 | 4.0 | 06.05.2020 | ||
| CVE-2020-3253 | MEDIUM | 6.7 | 5.9 | 06.05.2020 | ||
| CVE-2020-3254 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3255 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3259 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3285 | MEDIUM | 5.8 | 1.4 | 06.05.2020 | ||
| CVE-2020-3303 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3304 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3305 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3306 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3315 | MEDIUM | 5.3 | 1.4 | 06.05.2020 | ||
| CVE-2020-3317 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3352 | MEDIUM | 5.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3436 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3452 | HIGH | 7.5 | 3.6 | 22.07.2020 | ||
| CVE-2020-3514 | MEDIUM | 6.7 | 5.9 | 21.10.2020 | ||
| CVE-2020-3528 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3529 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3533 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3549 | HIGH | 8.1 | 5.9 | 21.10.2020 | ||
| CVE-2020-3550 | HIGH | 8.1 | 5.2 | 21.10.2020 | ||
| CVE-2020-3554 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3555 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3561 | MEDIUM | 4.7 | 1.4 | 21.10.2020 | ||
| CVE-2020-3563 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3564 | MEDIUM | 5.3 | 1.4 | 21.10.2020 | ||
| CVE-2020-3565 | MEDIUM | 5.8 | 1.4 | 21.10.2020 | ||
| CVE-2020-3572 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3577 | HIGH | 7.4 | 4.0 | 21.10.2020 | ||
| CVE-2020-3580 | MEDIUM | 6.1 | 2.7 | 21.10.2020 | ||
| CVE-2021-1223 | HIGH | 7.5 | 3.6 | 13.01.2021 | ||
| CVE-2021-1224 | MEDIUM | 5.3 | 1.4 | 13.01.2021 | ||
| CVE-2021-1236 | MEDIUM | 5.3 | 1.4 | 13.01.2021 | ||
| CVE-2021-1256 | MEDIUM | 6.0 | 5.2 | 29.04.2021 | ||
| CVE-2021-1493 | HIGH | 7.1 | 4.2 | 29.04.2021 | ||
| CVE-2021-1495 | MEDIUM | 5.3 | 1.4 | 29.04.2021 | ||
| CVE-2021-1501 | HIGH | 7.5 | 3.6 | 29.04.2021 | ||
| CVE-2021-1573 | HIGH | 7.5 | 3.6 | 11.01.2022 | ||
| CVE-2021-34754 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34755 | HIGH | 7.8 | 5.9 | 27.10.2021 | ||
| CVE-2021-34756 | HIGH | 7.8 | 5.9 | 27.10.2021 | ||
| CVE-2021-34761 | MEDIUM | 6.0 | 5.2 | 27.10.2021 | ||
| CVE-2021-34762 | HIGH | 8.1 | 5.2 | 27.10.2021 | ||
| CVE-2021-34763 | MEDIUM | 4.8 | 2.7 | 27.10.2021 | ||
| CVE-2021-34764 | MEDIUM | 6.1 | 2.7 | 27.10.2021 | ||
| CVE-2021-34781 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34783 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34787 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-34790 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-34791 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-34792 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34793 | HIGH | 8.6 | 4.0 | 27.10.2021 | ||
| CVE-2021-34794 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-40114 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40116 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40117 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40118 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40125 | MEDIUM | 6.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-44228 | CRITICAL | 10.0 | 6.0 | 10.12.2021 | ||
| CVE-2022-20685 | HIGH | 7.5 | 3.6 | 15.11.2024 | ||
| CVE-2022-20713 | MEDIUM | 6.1 | 2.7 | 10.08.2022 | ||
| CVE-2022-20715 | HIGH | 8.6 | 4.0 | 03.05.2022 | ||
| CVE-2022-20729 | HIGH | 7.8 | 5.9 | 03.05.2022 | ||
| CVE-2022-20730 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20742 | HIGH | 7.4 | 5.2 | 03.05.2022 | ||
| CVE-2022-20745 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20746 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20757 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20759 | HIGH | 8.8 | 5.9 | 03.05.2022 | ||
| CVE-2022-20760 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20767 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20854 | HIGH | 7.5 | 3.6 | 15.11.2022 | ||
| CVE-2022-20928 | MEDIUM | 5.8 | 1.4 | 15.11.2022 | ||
| CVE-2022-20934 | MEDIUM | 6.7 | 5.9 | 15.11.2022 | ||
| CVE-2022-20940 | MEDIUM | 5.3 | 1.4 | 15.11.2022 | ||
| CVE-2022-20946 | HIGH | 7.5 | 3.6 | 15.11.2022 | ||
| CVE-2022-20947 | HIGH | 7.5 | 3.6 | 15.11.2022 | ||
| CVE-2022-20949 | MEDIUM | 4.9 | 3.6 | 15.11.2022 | ||
| CVE-2023-20063 | HIGH | 8.2 | 6.0 | 01.11.2023 | ||
| CVE-2023-20083 | HIGH | 8.6 | 4.0 | 01.11.2023 | ||
| CVE-2023-20086 | HIGH | 8.6 | 4.0 | 01.11.2023 | ||
| CVE-2023-20095 | HIGH | 8.6 | 4.0 | 01.11.2023 | ||
| CVE-2023-20245 | MEDIUM | 5.8 | 1.4 | 01.11.2023 | ||
| CVE-2023-20247 | MEDIUM | 4.3 | 1.4 | 01.11.2023 | ||
| CVE-2023-20256 | MEDIUM | 5.8 | 1.4 | 01.11.2023 | ||
| CVE-2023-20269 | CRITICAL | 9.1 | 5.2 | 06.09.2023 | ||
| CVE-2023-20275 | MEDIUM | 4.3 | 1.4 | 12.12.2023 | ||
| CVE-2023-44487 | HIGH | 7.5 | 3.6 | 10.10.2023 | ||
| CVE-2024-20261 | MEDIUM | 5.8 | 1.4 | 22.05.2024 | ||
| CVE-2024-20297 | MEDIUM | 5.8 | 1.4 | 23.10.2024 | ||
| CVE-2024-20299 | MEDIUM | 5.8 | 1.4 | 23.10.2024 | ||
| CVE-2024-20353 | HIGH | 8.6 | 4.0 | 24.04.2024 | ||
| CVE-2024-20355 | MEDIUM | 5.0 | 1.4 | 22.05.2024 | ||
| CVE-2024-20359 | MEDIUM | 6.0 | 5.2 | 24.04.2024 | ||
| CVE-2024-20382 | MEDIUM | 6.1 | 2.7 | 23.10.2024 | ||
| CVE-2024-20388 | MEDIUM | 5.3 | 1.4 | 23.10.2024 | ||
| CVE-2024-20407 | MEDIUM | 5.8 | 1.4 | 23.10.2024 | ||
| CVE-2024-20408 | HIGH | 7.7 | 4.0 | 23.10.2024 | ||
| CVE-2024-20495 | HIGH | 8.6 | 4.0 | 23.10.2024 | ||
| CVE-2025-20182 | HIGH | 8.6 | 4.0 | 07.05.2025 | ||
Showing 5 out of 119.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3823,
"dgst": "08ff39839627d6e1",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"DRBG#1735",
"AES#3301",
"RSA#2678",
"HMAC#3272",
"CVL#1521",
"SHS#2737",
"Triple-DES#2559",
"DRBG#819",
"ECDSA#1254",
"SHS#4012",
"HMAC#2095",
"Triple-DES#1881",
"AES#4905"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:asa_firepower:6.4.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower:6.4.0:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.4"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2020-3554",
"CVE-2022-20946",
"CVE-2020-3255",
"CVE-2021-1224",
"CVE-2019-1978",
"CVE-2020-3304",
"CVE-2023-20275",
"CVE-2019-12676",
"CVE-2021-34794",
"CVE-2020-3317",
"CVE-2020-3195",
"CVE-2021-34756",
"CVE-2025-20182",
"CVE-2022-20730",
"CVE-2021-1223",
"CVE-2020-3436",
"CVE-2021-40114",
"CVE-2020-3306",
"CVE-2019-12678",
"CVE-2021-34755",
"CVE-2019-1981",
"CVE-2023-44487",
"CVE-2021-34754",
"CVE-2023-20063",
"CVE-2020-3315",
"CVE-2019-12673",
"CVE-2020-3564",
"CVE-2021-40118",
"CVE-2022-20760",
"CVE-2019-1669",
"CVE-2019-1970",
"CVE-2024-20353",
"CVE-2020-3577",
"CVE-2021-34763",
"CVE-2022-20854",
"CVE-2020-3196",
"CVE-2024-20495",
"CVE-2020-3528",
"CVE-2020-3549",
"CVE-2022-20729",
"CVE-2023-20086",
"CVE-2020-3191",
"CVE-2024-20355",
"CVE-2021-34783",
"CVE-2019-12698",
"CVE-2020-3186",
"CVE-2022-20713",
"CVE-2023-20245",
"CVE-2019-12695",
"CVE-2024-20408",
"CVE-2022-20947",
"CVE-2021-34761",
"CVE-2021-1495",
"CVE-2020-3253",
"CVE-2020-3452",
"CVE-2020-3550",
"CVE-2021-34762",
"CVE-2021-40116",
"CVE-2024-20297",
"CVE-2024-20407",
"CVE-2022-20685",
"CVE-2021-34793",
"CVE-2022-20940",
"CVE-2020-3572",
"CVE-2021-1236",
"CVE-2020-3533",
"CVE-2019-1980",
"CVE-2019-12694",
"CVE-2021-34787",
"CVE-2022-20767",
"CVE-2023-20095",
"CVE-2021-34792",
"CVE-2020-3565",
"CVE-2021-40125",
"CVE-2020-3555",
"CVE-2020-3254",
"CVE-2022-20928",
"CVE-2020-3285",
"CVE-2020-3529",
"CVE-2019-12674",
"CVE-2020-3259",
"CVE-2024-20382",
"CVE-2020-3563",
"CVE-2020-3188",
"CVE-2021-1256",
"CVE-2020-3179",
"CVE-2021-1493",
"CVE-2023-20256",
"CVE-2023-20269",
"CVE-2022-20934",
"CVE-2022-20745",
"CVE-2024-20299",
"CVE-2024-20261",
"CVE-2020-3305",
"CVE-2022-20757",
"CVE-2021-34790",
"CVE-2023-20247",
"CVE-2021-1501",
"CVE-2020-3580",
"CVE-2020-3352",
"CVE-2020-3561",
"CVE-2023-20083",
"CVE-2021-1573",
"CVE-2020-3303",
"CVE-2022-20746",
"CVE-2021-34791",
"CVE-2020-3187",
"CVE-2024-20359",
"CVE-2022-20759",
"CVE-2020-3514",
"CVE-2022-20715",
"CVE-2022-20949",
"CVE-2024-20388",
"CVE-2022-20742",
"CVE-2021-34764",
"CVE-2021-44228",
"CVE-2021-40117",
"CVE-2019-12675",
"CVE-2021-34781"
]
},
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 7
},
"ECDSA": {
"ECDSA": 18
}
},
"FF": {
"DH": {
"DH": 6,
"Diffie-Hellman": 22
}
},
"RSA": {
"RSA 2048": 4
}
},
"certification_process": {
"OutOfScope": {
"out of scope": 1,
"this Copyright Notice. and any additional requirement per the site security policy which are out of scope of this Security Policy. The Crypto Officer shall inspect the seals for evidence of tamper as": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 6
},
"GCM": {
"GCM": 6
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 32,
"IKEv2": 8
},
"IPsec": {
"IPsec": 13
},
"SSH": {
"SSH": 13,
"SSHv2": 33
},
"TLS": {
"SSL": {
"SSL": 2
},
"TLS": {
"TLS": 48,
"TLSv1.2": 7
}
},
"VPN": {
"VPN": 7
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 12,
"P-384": 8,
"P-521": 8
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1,
"#1521": 2
}
},
"fips_certlike": {
"Certlike": {
"AES 128/192/256": 3,
"AES-256": 5,
"Diffie-Hellman (CVL Cert. #1521": 2,
"HMAC- SHA256/384": 1,
"HMAC-SHA-1": 2,
"HMAC-SHA-1 160": 2,
"HMAC-SHA1": 2,
"RSA 2048": 4,
"SHA-512": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"Level 2": 3,
"level 2": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 4
}
},
"SHA": {
"SHA2": {
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 56
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 2,
"FIPS 140-2": 19,
"FIPS 186-4": 3,
"FIPS PUB 140-2": 1
},
"NIST": {
"SP 800-52": 1,
"SP 800-90A": 3
},
"RFC": {
"RFC 4253": 1,
"RFC 5246": 1,
"RFC 5288": 1,
"RFC 6071": 1,
"RFC 7296": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 14,
"AES-256": 5
},
"RC": {
"RC4": 3
}
},
"DES": {
"3DES": {
"Triple-DES": 11
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"HMAC": 3
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 12,
"Cisco Systems": 4,
"Cisco Systems, Inc": 24
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Scott Shorter",
"/CreationDate": "D:20201111150258-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2016",
"/ModDate": "D:20201111150258-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2016",
"/Subject": "FIPS 140-2 Security Policy",
"/Title": "CISCO 831 Security Policy",
"pdf_file_size_bytes": 670622,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-module-validation-program",
"https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdm-config-guide-640/fptd-fdm-advanced.html",
"http://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/roadmap/fxos-roadmap.html",
"http://www.cisco.com/",
"http://www.cisco.com/c/en/us/products/index.html",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/validated-modules"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 25
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "443f49c1fa7f5a77ef0eef492b403f5bf27efcdd0b6a7e7d939383e20e3b7b2c",
"policy_txt_hash": "3771bd8583f97c7548c43bda7b582ab4b266b83a5151a9e01a8347310814a5c3"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode. When installed with the tamper evident seals and opacity shields, initialized and configured as specified in Section 3 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2021_010321_1145_signed.pdf",
"date_sunset": null,
"description": "Cisco Firepower Threat Defense (FTD) is a unified software image, which includes the Cisco ASA features and FirePOWER Services. This unified software is capable of offering the functions of ASA and FirePOWER deployed on Cisco Firepower 4100 Series and the Firepower 9300 appliances as well the FTD can be also be deployed on Cisco Firepower Threat Defense (FTD) ASA 5508-X, ASA 5516-X, ISA 3000-4C and ISA 3000-2C2F.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "6.4",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "ASA 5508-X[1][2], ASA 5516-X[1][3], ISA 3000-4C[1] and ISA 3000-2C2F[1] with [AIR-AP-FIPSKIT=][1], [ASA5508-FIPS-KIT=][2] and [ASA5516-FIPS-KIT=][3]",
"level": 2,
"mentioned_certs": {},
"module_name": "Cisco ASA and ISA Firepower Threat Defense Cryptographic Modules",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2021-02-23",
"lab": "Gossamer Security Solutions",
"validation_type": "Initial"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}