This page was not yet optimized for use on mobile
devices.
Cisco Firepower Threat Defense Cryptographic Module
Known vulnerabilities detected
Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.Certificate #3695
Webpage information
Security policy
Symmetric Algorithms
AES-256, AES, RC4, DES, Triple-DES, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, Diffie-Hellman, DHHash functions
SHA-1, SHA-512, SHA-256, MD5Protocols
SSHv2, SSH, TLSv1.2, TLS, IKEv2, IKE, VPNRandomness
DRBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, GCMVendor
Cisco, Cisco Systems, Inc, Cisco SystemsSecurity level
Level 2, Level 1, level 2Certification process
out of scope, of the TELs as depicted below and any additional requirement per the site security policy which are out of scope of this Security Policy. To seal the system, apply tamper-evidence labels as depicted in theStandards
FIPS 140-2, FIPS PUB 140-2, FIPS 140, FIPS 186-4, SP 800-90A, SP 800-52, RFC 5288, RFC 7296, RFC 5246, RFC 4253, RFC 6071File metadata
| Title | Microsoft Word - Cisco FTD CM Security-Policy.docx |
|---|---|
| Author | RichardWang |
| Creation date | D:20200723171125-04'00' |
| Modification date | D:20200723171125-04'00' |
| Pages | 30 |
| Producer | Microsoft: Print To PDF |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
- cpe:2.3:a:cisco:firepower:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*
Related CVEs
| ID | Links | Severity | CVSS Score | Published on | ||
|---|---|---|---|---|---|---|
| Base | Exploitability | Impact | ||||
| CVE-2019-12673 | HIGH | 7.5 | 3.6 | 02.10.2019 | ||
| CVE-2019-12674 | HIGH | 8.2 | 6.0 | 02.10.2019 | ||
| CVE-2019-12675 | HIGH | 8.8 | 6.0 | 02.10.2019 | ||
| CVE-2019-12676 | HIGH | 7.4 | 4.0 | 02.10.2019 | ||
| CVE-2019-12678 | HIGH | 7.5 | 3.6 | 02.10.2019 | ||
| CVE-2019-12694 | MEDIUM | 6.7 | 5.9 | 02.10.2019 | ||
| CVE-2019-12695 | MEDIUM | 6.1 | 2.7 | 02.10.2019 | ||
| CVE-2019-12698 | HIGH | 7.5 | 3.6 | 02.10.2019 | ||
| CVE-2019-1669 | HIGH | 8.6 | 4.0 | 24.01.2019 | ||
| CVE-2019-1970 | HIGH | 7.5 | 3.6 | 08.08.2019 | ||
| CVE-2019-1978 | MEDIUM | 5.8 | 1.4 | 05.11.2019 | ||
| CVE-2019-1980 | MEDIUM | 5.3 | 1.4 | 05.11.2019 | ||
| CVE-2019-1981 | MEDIUM | 5.8 | 1.4 | 05.11.2019 | ||
| CVE-2020-3179 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3186 | MEDIUM | 5.3 | 1.4 | 06.05.2020 | ||
| CVE-2020-3187 | CRITICAL | 9.1 | 5.2 | 06.05.2020 | ||
| CVE-2020-3188 | MEDIUM | 5.3 | 1.4 | 06.05.2020 | ||
| CVE-2020-3191 | HIGH | 8.6 | 4.0 | 06.05.2020 | ||
| CVE-2020-3195 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3196 | HIGH | 8.6 | 4.0 | 06.05.2020 | ||
| CVE-2020-3253 | MEDIUM | 6.7 | 5.9 | 06.05.2020 | ||
| CVE-2020-3254 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3255 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3259 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3285 | MEDIUM | 5.8 | 1.4 | 06.05.2020 | ||
| CVE-2020-3303 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3304 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3305 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3306 | HIGH | 7.5 | 3.6 | 06.05.2020 | ||
| CVE-2020-3315 | MEDIUM | 5.3 | 1.4 | 06.05.2020 | ||
| CVE-2020-3317 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3352 | MEDIUM | 5.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3436 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3452 | HIGH | 7.5 | 3.6 | 22.07.2020 | ||
| CVE-2020-3514 | MEDIUM | 6.7 | 5.9 | 21.10.2020 | ||
| CVE-2020-3528 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3529 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3533 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3549 | HIGH | 8.1 | 5.9 | 21.10.2020 | ||
| CVE-2020-3550 | HIGH | 8.1 | 5.2 | 21.10.2020 | ||
| CVE-2020-3554 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3555 | HIGH | 7.5 | 3.6 | 21.10.2020 | ||
| CVE-2020-3561 | MEDIUM | 4.7 | 1.4 | 21.10.2020 | ||
| CVE-2020-3563 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3564 | MEDIUM | 5.3 | 1.4 | 21.10.2020 | ||
| CVE-2020-3565 | MEDIUM | 5.8 | 1.4 | 21.10.2020 | ||
| CVE-2020-3572 | HIGH | 8.6 | 4.0 | 21.10.2020 | ||
| CVE-2020-3577 | HIGH | 7.4 | 4.0 | 21.10.2020 | ||
| CVE-2020-3580 | MEDIUM | 6.1 | 2.7 | 21.10.2020 | ||
| CVE-2021-1223 | HIGH | 7.5 | 3.6 | 13.01.2021 | ||
| CVE-2021-1224 | MEDIUM | 5.3 | 1.4 | 13.01.2021 | ||
| CVE-2021-1236 | MEDIUM | 5.3 | 1.4 | 13.01.2021 | ||
| CVE-2021-1256 | MEDIUM | 6.0 | 5.2 | 29.04.2021 | ||
| CVE-2021-1493 | HIGH | 7.1 | 4.2 | 29.04.2021 | ||
| CVE-2021-1495 | MEDIUM | 5.3 | 1.4 | 29.04.2021 | ||
| CVE-2021-1501 | HIGH | 7.5 | 3.6 | 29.04.2021 | ||
| CVE-2021-1573 | HIGH | 7.5 | 3.6 | 11.01.2022 | ||
| CVE-2021-34754 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34755 | HIGH | 7.8 | 5.9 | 27.10.2021 | ||
| CVE-2021-34756 | HIGH | 7.8 | 5.9 | 27.10.2021 | ||
| CVE-2021-34761 | MEDIUM | 6.0 | 5.2 | 27.10.2021 | ||
| CVE-2021-34762 | HIGH | 8.1 | 5.2 | 27.10.2021 | ||
| CVE-2021-34763 | MEDIUM | 4.8 | 2.7 | 27.10.2021 | ||
| CVE-2021-34764 | MEDIUM | 6.1 | 2.7 | 27.10.2021 | ||
| CVE-2021-34781 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34783 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34787 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-34790 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-34791 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-34792 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-34793 | HIGH | 8.6 | 4.0 | 27.10.2021 | ||
| CVE-2021-34794 | MEDIUM | 5.3 | 1.4 | 27.10.2021 | ||
| CVE-2021-40114 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40116 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40117 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40118 | HIGH | 7.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-40125 | MEDIUM | 6.5 | 3.6 | 27.10.2021 | ||
| CVE-2021-44228 | CRITICAL | 10.0 | 6.0 | 10.12.2021 | ||
| CVE-2022-20685 | HIGH | 7.5 | 3.6 | 15.11.2024 | ||
| CVE-2022-20713 | MEDIUM | 6.1 | 2.7 | 10.08.2022 | ||
| CVE-2022-20715 | HIGH | 8.6 | 4.0 | 03.05.2022 | ||
| CVE-2022-20729 | HIGH | 7.8 | 5.9 | 03.05.2022 | ||
| CVE-2022-20730 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20742 | HIGH | 7.4 | 5.2 | 03.05.2022 | ||
| CVE-2022-20745 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20746 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20757 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20759 | HIGH | 8.8 | 5.9 | 03.05.2022 | ||
| CVE-2022-20760 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20767 | HIGH | 7.5 | 3.6 | 03.05.2022 | ||
| CVE-2022-20854 | HIGH | 7.5 | 3.6 | 15.11.2022 | ||
| CVE-2022-20928 | MEDIUM | 5.8 | 1.4 | 15.11.2022 | ||
| CVE-2022-20934 | MEDIUM | 6.7 | 5.9 | 15.11.2022 | ||
| CVE-2022-20940 | MEDIUM | 5.3 | 1.4 | 15.11.2022 | ||
| CVE-2022-20946 | HIGH | 7.5 | 3.6 | 15.11.2022 | ||
| CVE-2022-20947 | HIGH | 7.5 | 3.6 | 15.11.2022 | ||
| CVE-2022-20949 | MEDIUM | 4.9 | 3.6 | 15.11.2022 | ||
| CVE-2023-20063 | HIGH | 8.2 | 6.0 | 01.11.2023 | ||
| CVE-2023-20083 | HIGH | 8.6 | 4.0 | 01.11.2023 | ||
| CVE-2023-20086 | HIGH | 8.6 | 4.0 | 01.11.2023 | ||
| CVE-2023-20095 | HIGH | 8.6 | 4.0 | 01.11.2023 | ||
| CVE-2023-20245 | MEDIUM | 5.8 | 1.4 | 01.11.2023 | ||
| CVE-2023-20247 | MEDIUM | 4.3 | 1.4 | 01.11.2023 | ||
| CVE-2023-20256 | MEDIUM | 5.8 | 1.4 | 01.11.2023 | ||
| CVE-2023-20269 | CRITICAL | 9.1 | 5.2 | 06.09.2023 | ||
| CVE-2023-20275 | MEDIUM | 4.3 | 1.4 | 12.12.2023 | ||
| CVE-2023-44487 | HIGH | 7.5 | 3.6 | 10.10.2023 | ||
| CVE-2024-20261 | MEDIUM | 5.8 | 1.4 | 22.05.2024 | ||
| CVE-2024-20297 | MEDIUM | 5.8 | 1.4 | 23.10.2024 | ||
| CVE-2024-20299 | MEDIUM | 5.8 | 1.4 | 23.10.2024 | ||
| CVE-2024-20353 | HIGH | 8.6 | 4.0 | 24.04.2024 | ||
| CVE-2024-20355 | MEDIUM | 5.0 | 1.4 | 22.05.2024 | ||
| CVE-2024-20359 | MEDIUM | 6.0 | 5.2 | 24.04.2024 | ||
| CVE-2024-20382 | MEDIUM | 6.1 | 2.7 | 23.10.2024 | ||
| CVE-2024-20388 | MEDIUM | 5.3 | 1.4 | 23.10.2024 | ||
| CVE-2024-20407 | MEDIUM | 5.8 | 1.4 | 23.10.2024 | ||
| CVE-2024-20408 | HIGH | 7.7 | 4.0 | 23.10.2024 | ||
| CVE-2024-20495 | HIGH | 8.6 | 4.0 | 23.10.2024 | ||
| CVE-2025-20182 | HIGH | 8.6 | 4.0 | 07.05.2025 | ||
Showing 5 out of 119.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3695,
"dgst": "6c31b2667fffcb27",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"ECDSA#1254",
"AES#3301",
"HMAC#C784",
"HMAC#3272",
"HMAC#2095",
"DRBG#1735",
"DRBG#C784",
"DRBG#819",
"RSA#C784",
"Triple-DES#C784",
"SHS#4012",
"Triple-DES#2559",
"SHS#C784",
"CVL#C784",
"SHS#2737",
"ECDSA#C784",
"AES#4905",
"RSA#2678",
"CVL#1521",
"AES#C784",
"Triple-DES#1881"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:firepower_threat_defense:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.4"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": {
"_type": "Set",
"elements": [
"CVE-2020-3285",
"CVE-2023-20269",
"CVE-2021-34781",
"CVE-2021-1573",
"CVE-2021-1256",
"CVE-2021-34792",
"CVE-2022-20745",
"CVE-2019-12678",
"CVE-2022-20946",
"CVE-2019-1978",
"CVE-2024-20359",
"CVE-2020-3191",
"CVE-2022-20928",
"CVE-2020-3303",
"CVE-2020-3259",
"CVE-2020-3550",
"CVE-2020-3564",
"CVE-2020-3452",
"CVE-2020-3436",
"CVE-2020-3305",
"CVE-2020-3580",
"CVE-2020-3195",
"CVE-2022-20760",
"CVE-2020-3304",
"CVE-2022-20742",
"CVE-2020-3565",
"CVE-2020-3555",
"CVE-2022-20715",
"CVE-2020-3187",
"CVE-2020-3179",
"CVE-2021-44228",
"CVE-2024-20408",
"CVE-2019-1980",
"CVE-2022-20729",
"CVE-2021-1224",
"CVE-2022-20934",
"CVE-2024-20388",
"CVE-2021-34783",
"CVE-2022-20947",
"CVE-2019-12675",
"CVE-2022-20757",
"CVE-2020-3563",
"CVE-2023-20245",
"CVE-2023-20095",
"CVE-2022-20854",
"CVE-2019-1970",
"CVE-2020-3253",
"CVE-2020-3306",
"CVE-2022-20940",
"CVE-2024-20261",
"CVE-2019-1669",
"CVE-2021-34761",
"CVE-2021-34793",
"CVE-2021-1501",
"CVE-2020-3528",
"CVE-2024-20353",
"CVE-2019-1981",
"CVE-2020-3196",
"CVE-2020-3254",
"CVE-2020-3315",
"CVE-2021-40114",
"CVE-2023-44487",
"CVE-2021-34763",
"CVE-2021-1223",
"CVE-2022-20713",
"CVE-2020-3549",
"CVE-2024-20495",
"CVE-2023-20063",
"CVE-2019-12694",
"CVE-2021-34755",
"CVE-2020-3577",
"CVE-2025-20182",
"CVE-2020-3514",
"CVE-2021-34756",
"CVE-2022-20767",
"CVE-2024-20299",
"CVE-2022-20759",
"CVE-2019-12698",
"CVE-2021-40117",
"CVE-2022-20685",
"CVE-2022-20949",
"CVE-2023-20256",
"CVE-2021-40125",
"CVE-2023-20083",
"CVE-2021-34764",
"CVE-2019-12673",
"CVE-2022-20746",
"CVE-2024-20407",
"CVE-2021-1495",
"CVE-2022-20730",
"CVE-2020-3352",
"CVE-2023-20275",
"CVE-2020-3186",
"CVE-2020-3572",
"CVE-2020-3554",
"CVE-2021-1236",
"CVE-2021-34762",
"CVE-2023-20247",
"CVE-2020-3529",
"CVE-2020-3317",
"CVE-2021-34787",
"CVE-2021-34790",
"CVE-2024-20355",
"CVE-2020-3561",
"CVE-2020-3533",
"CVE-2021-34754",
"CVE-2023-20086",
"CVE-2020-3255",
"CVE-2021-1493",
"CVE-2021-40116",
"CVE-2024-20297",
"CVE-2019-12695",
"CVE-2021-34794",
"CVE-2021-40118",
"CVE-2021-34791",
"CVE-2024-20382",
"CVE-2020-3188",
"CVE-2019-12676",
"CVE-2019-12674"
]
},
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 7
},
"ECDSA": {
"ECDSA": 20
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 23
}
},
"RSA": {
"RSA 2048": 4
}
},
"certification_process": {
"OutOfScope": {
"of the TELs as depicted below and any additional requirement per the site security policy which are out of scope of this Security Policy. To seal the system, apply tamper-evidence labels as depicted in the": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"GCM": {
"GCM": 7
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 34,
"IKEv2": 9
},
"SSH": {
"SSH": 10,
"SSHv2": 35
},
"TLS": {
"TLS": {
"TLS": 44,
"TLSv1.2": 4
}
},
"VPN": {
"VPN": 4
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 12,
"P-384": 8,
"P-521": 8
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 3,
"#1254": 1,
"#1521": 3,
"#1735": 1,
"#2": 3,
"#2559": 1,
"#2678": 1,
"#3": 3,
"#3272": 1,
"#4012": 1,
"#4905": 1
}
},
"fips_certlike": {
"Certlike": {
"#1881 SHS": 1,
"#2737 HMAC": 1,
"#819 CVL": 1,
"AES 128/192/256": 4,
"AES-256": 4,
"HMAC-SHA 256/384": 2,
"HMAC-SHA-1": 4,
"HMAC-SHA-1 160": 2,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 4,
"HMAC-SHA-512": 4,
"HMAC-SHA1": 2,
"RSA 2048": 4,
"SHA-1": 2,
"SHA-256": 1,
"SHA-512": 2,
"SHA\u2013384": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"Level 2": 3,
"level 2": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 6
}
},
"SHA": {
"SHA1": {
"SHA-1": 2
},
"SHA2": {
"SHA-256": 1,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 48
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 2,
"FIPS 140-2": 20,
"FIPS 186-4": 3,
"FIPS PUB 140-2": 1
},
"NIST": {
"SP 800-52": 1,
"SP 800-90A": 5
},
"RFC": {
"RFC 4253": 1,
"RFC 5246": 1,
"RFC 5288": 1,
"RFC 6071": 1,
"RFC 7296": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 11,
"AES-256": 4
},
"RC": {
"RC4": 3
}
},
"DES": {
"3DES": {
"Triple-DES": 8
},
"DES": {
"DES": 6
}
},
"constructions": {
"MAC": {
"HMAC": 4,
"HMAC-SHA-256": 2,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 26,
"Cisco Systems": 4,
"Cisco Systems, Inc": 30
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "RichardWang",
"/CreationDate": "D:20200723171125-04\u002700\u0027",
"/ModDate": "D:20200723171125-04\u002700\u0027",
"/Producer": "Microsoft: Print To PDF",
"/Title": "Microsoft Word - Cisco FTD CM Security-Policy.docx",
"pdf_file_size_bytes": 2494630,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 30
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "c87b026a049356c508f5eb547523cead2f13b8454fac79c9251e52d42f7e8d0c",
"policy_txt_hash": "8947d8acb585eb68f9f075ba0273a0bef91147dccc82f78c1f5edab685520964"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and with the tamper evident seals and opacity shield installed as indicated in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2020_010920_0658.pdf",
"date_sunset": null,
"description": "The 1K is a family of three platforms, 1010 for desktop and 1120 and 1140 for rack mount. While the 2K is a family of four threat-focused NGFW security rack mount platforms. These are all next generation security services platforms capable of running multiple (firewall (NGFW), traffic management) security services simultaneously.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "6.4",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "FPR1010[1], FPR1120[2], FPR1140[2], FPR2110[3], FPR2120[3], FPR2130[3] and FPR2140[3] with FIPS Kit (AIR-AP-FIPSKIT=) and Opacity Shield 800-44098-01[1], 800-45098-01[2] and 69-100250-01[3]",
"level": 2,
"mentioned_certs": {},
"module_name": "Cisco Firepower Threat Defense Cryptographic Module",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-08-06",
"lab": "Gossamer Security Solutions",
"validation_type": "Initial"
}
],
"vendor": "Cisco Systems, Inc.",
"vendor_url": "http://www.cisco.com"
}
}