This page was not yet optimized for use on mobile
devices.
Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580-20 and 5580-40 Security Appliances
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.Certificate #1436
Webpage information
Security policy
Symmetric Algorithms
AES, DES, Triple-DES, HMACHash functions
SHA-1Schemes
Key agreementProtocols
SSH, SSHv2, SSL, TLSv1.0, TLS, IKE, VPN, PGPRandomness
RNGTrusted Execution Environments
SSCVendor
Cisco Systems, Inc, Cisco, Cisco SystemsSecurity level
Level 2, Level 3, Level 1Standards
FIPS 140-2, FIPS PUB 140-2File metadata
| Title | Microsoft Word - 8.3.2.13 - ASA5500-FIPS-140-2-Security-Policy.docx |
|---|---|
| Author | wangzhi |
| Creation date | D:20110506114742-04'00' |
| Modification date | D:20110506114742-04'00' |
| Pages | 29 |
| Creator | PScript5.dll Version 5.2 |
| Producer | Acrobat Distiller 8.0.0 (Windows) |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
- cpe:2.3:h:cisco:asa-5505:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa-5520:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa-5540:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on | ||
|---|---|---|---|---|---|---|
| Base | Exploitability | Impact | ||||
| CVE-2009-4910 | MEDIUM | 4.3 | 2.9 | 29.06.2010 | ||
| CVE-2009-4912 | HIGH | 10.0 | 10.0 | 29.06.2010 | ||
| CVE-2009-4913 | MEDIUM | 5.0 | 2.9 | 29.06.2010 | ||
| CVE-2009-4914 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4915 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4916 | MEDIUM | 4.0 | 2.9 | 29.06.2010 | ||
| CVE-2009-4917 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4918 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4919 | HIGH | 10.0 | 10.0 | 29.06.2010 | ||
| CVE-2009-4920 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4921 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4922 | MEDIUM | 6.8 | 6.9 | 29.06.2010 | ||
| CVE-2009-4923 | HIGH | 7.8 | 6.9 | 29.06.2010 | ||
Showing 5 out of 13.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 1436,
"dgst": "40dd2b010d461c24",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHS#1277",
"RNG#763",
"AES#1407",
"AES#1394",
"HMAC#125",
"RNG#329",
"RSA#680",
"RSA#106",
"RNG#772",
"Triple-DES#960",
"SHS#630",
"HMAC#828",
"Triple-DES#217",
"Triple-DES#559",
"RSA#684",
"RSA#261",
"SHS#1265",
"HMAC#301",
"SHS#196",
"AES#105",
"HMAC#818",
"RNG#144",
"Triple-DES#954",
"AES#564"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa-5505:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa-5540:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa-5520:-:*:*:*:*:*:*:*",
"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"8.3.2",
"8.3.2.13"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2009-4914",
"CVE-2009-4918",
"CVE-2009-4919",
"CVE-2009-4915",
"CVE-2009-4912",
"CVE-2009-4916",
"CVE-2009-4920",
"CVE-2009-4922",
"CVE-2009-4913",
"CVE-2009-4923",
"CVE-2009-4917",
"CVE-2009-4910",
"CVE-2009-4921"
]
},
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 15
},
"PGP": {
"PGP": 3
},
"SSH": {
"SSH": 8,
"SSHv2": 1
},
"TLS": {
"SSL": {
"SSL": 4
},
"TLS": {
"TLS": 9,
"TLSv1.0": 1
}
},
"VPN": {
"VPN": 13
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES 1394": 1,
"HMAC SHA-1 818": 1,
"RSA 680": 1,
"SHA-1 1265": 1,
"SHA-1 818": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"Level 2": 3,
"Level 3": 1
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 9
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 19,
"FIPS PUB 140-2": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 9
}
},
"DES": {
"3DES": {
"Triple-DES": 2
},
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"HMAC": 4
}
}
},
"tee_name": {
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 88,
"Cisco Systems": 5,
"Cisco Systems, Inc": 31
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "wangzhi",
"/CreationDate": "D:20110506114742-04\u002700\u0027",
"/Creator": "PScript5.dll Version 5.2",
"/ModDate": "D:20110506114742-04\u002700\u0027",
"/Producer": "Acrobat Distiller 8.0.0 (Windows)",
"/Title": "Microsoft Word - 8.3.2.13 - ASA5500-FIPS-140-2-Security-Policy.docx",
"pdf_file_size_bytes": 1269833,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 29
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "45c1725f2a08c240445794c8183d2ac7835a73fa390da310deb2ccaaaccb71e3",
"policy_txt_hash": "7a8807f63e75cf047d654df2ce8cf0e988b201018ae391c4ba482f6ae0c4a0f0"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt1436.pdf",
"date_sunset": null,
"description": "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3"
],
"fw_versions": "8.3.2 and 8.3.2.13",
"historical_reason": "RNG SP800-131A Revision 1 Transition",
"hw_versions": "5505 [1,2], 5510 [1], 5520 [1], 5540 [1], 5550 [1], 5580-20 [3], 5580-40 [3], [FIPS Kit (Cisco-FIPSKIT=): Revision -B0] [1], [ASA 5505 FIPS Kit (ASA5505-FIPS-KIT=): Revision -A0] [2] and [ASA 5580 FIPS Kit (ASA5580-FIPS-KIT=)] [3]",
"level": 2,
"mentioned_certs": {},
"module_name": "Cisco ASA 5505, 5510, 5520, 5540, 5550, 5580-20 and 5580-40 Security Appliances",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2010-11-03",
"lab": "SAIC-VA",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2011-05-12",
"lab": "SAIC-VA",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2012-02-23",
"lab": "",
"validation_type": "Update"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}