McAfee Email Gateway L2

Known vulnerabilities detected

Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.

Certificate #2234

Webpage information

Status historical
Historical reason RNG SP800-131A Revision 1 Transition
Validation dates 05.09.2014
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, performance reporting, and simplified administration. By combining local network information with global reputation intelligence from McAfee Global Threat Intelligence, it provides the most complete protection available against inbound threats, spam and malware. Its sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance.
Version (Hardware) EMG-5500-C and EMG-5000-C
Version (Firmware) 7.0.1
Vendor McAfee, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, CAST5, RC2, RC5, DES, TDES, HMAC
Asymmetric Algorithms
RSA 1024, RSA 2048, DH, DSA
Hash functions
SHA256, MD5, RIPEMD160
Schemes
Key agreement
Randomness
PRNG, RNG
Libraries
OpenSSL
Block cipher modes
ECB, CBC

Security level
Level 2

Standards
FIPS 140, FIPS 198, FIPS 197, PKCS#1

File metadata

Title Microsoft Word - MFE MEG Appliances Level 2 FIPS 140 Security Policy v1-5 (TC).doc
Author Rsaunders
Creation date D:20140829144333-04'00'
Modification date D:20140829144333-04'00'
Pages 30
Creator PScript5.dll Version 5.2.2
Producer Acrobat Distiller 11.0 (Windows)

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

Related CVEs

ID Links Severity CVSS Score Published on
Base Exploitability Impact
CVE-2009-1348
C N
HIGH 7.6 10.0 30.04.2009
CVE-2012-4580
C N
MEDIUM 4.3 2.9 22.08.2012
CVE-2012-4581
C N
MEDIUM 6.8 6.4 22.08.2012
CVE-2012-4582
C N
MEDIUM 4.9 4.9 22.08.2012
CVE-2012-4583
C N
MEDIUM 4.0 2.9 22.08.2012
CVE-2012-4584
C N
LOW 3.5 2.9 22.08.2012
CVE-2012-4585
C N
MEDIUM 4.0 2.9 22.08.2012
CVE-2012-4586
C N
LOW 3.5 2.9 22.08.2012
CVE-2012-4595
C N
HIGH 7.5 6.4 22.08.2012
CVE-2012-4596
C N
MEDIUM 4.3 2.9 22.08.2012
CVE-2012-4597
C N
MEDIUM 4.3 2.9 22.08.2012
CVE-2013-6349
C N
HIGH 8.5 10.0 02.11.2013
CVE-2015-1619
C N
LOW 3.5 2.9 17.02.2015
CVE-2016-8005
C N
MEDIUM 6.5 3.6 14.03.2017
CVE-2020-7268
C N
MEDIUM 4.3 1.4 16.09.2020
Showing 5 out of 15.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 2234,
  "dgst": "9b21b03d9048a5e6",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "RSA#1172",
        "AES#2281",
        "Triple-DES#1299",
        "HMAC#1218",
        "RNG#1134",
        "AES#2013",
        "RSA#1042",
        "DSA#639",
        "RNG#1081",
        "RNG#1055",
        "SHS#1763",
        "DSA#711",
        "SHS#1829",
        "SHS#1963",
        "Triple-DES#1429",
        "Triple-DES#1341",
        "AES#2106",
        "DSA#656",
        "RSA#1080",
        "HMAC#1280"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:mcafee:email_gateway:7.0.1:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "7.0.1"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": {
      "_type": "Set",
      "elements": [
        "CVE-2012-4582",
        "CVE-2012-4580",
        "CVE-2012-4597",
        "CVE-2012-4596",
        "CVE-2012-4595",
        "CVE-2015-1619",
        "CVE-2012-4581",
        "CVE-2020-7268",
        "CVE-2009-1348",
        "CVE-2013-6349",
        "CVE-2012-4583",
        "CVE-2012-4586",
        "CVE-2016-8005",
        "CVE-2012-4584",
        "CVE-2012-4585"
      ]
    },
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "DH": 10
          },
          "DSA": {
            "DSA": 32
          }
        },
        "RSA": {
          "RSA 1024": 8,
          "RSA 2048": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 6
        },
        "ECB": {
          "ECB": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 2
        }
      },
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "Key agreement": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES (128": 1,
          "AES 128": 5,
          "AES 192": 1,
          "AES 256": 3,
          "DES40": 1,
          "DSA 1024": 2,
          "HMAC256": 4,
          "PKCS#1": 3,
          "RSA 1024": 8,
          "RSA 2048": 1,
          "RSA PKCS#1": 1,
          "SHA256": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 5
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 3
          }
        },
        "RIPEMD": {
          "RIPEMD160": 1
        },
        "SHA": {
          "SHA2": {
            "SHA256": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "PRNG": 27
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 2,
          "FIPS 197": 3,
          "FIPS 198": 2
        },
        "PKCS": {
          "PKCS#1": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 19
          },
          "CAST": {
            "CAST5": 1
          },
          "RC": {
            "RC2": 1,
            "RC5": 1
          }
        },
        "DES": {
          "3DES": {
            "TDES": 10
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 11
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Rsaunders",
      "/CreationDate": "D:20140829144333-04\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2.2",
      "/ModDate": "D:20140829144333-04\u002700\u0027",
      "/Producer": "Acrobat Distiller 11.0 (Windows)",
      "/Title": "Microsoft Word - MFE MEG Appliances Level 2 FIPS 140 Security Policy v1-5 (TC).doc",
      "pdf_file_size_bytes": 1397294,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 30
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "9f439cd760ccf4d446a6170f9a624e7614a1df7601f26aca6e12b974b1ee95e8",
    "policy_txt_hash": "2dd59f429c9aad17bfa0df3e4c0b72b08b3bc6dc7281d72982f3c1d7fd441d4a"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0045.pdf",
    "date_sunset": null,
    "description": "McAfee Email Gateway integrates comprehensive inbound threat protection with outbound data loss prevention, advanced compliance, performance reporting, and simplified administration. By combining local network information with global reputation intelligence from McAfee Global Threat Intelligence, it provides the most complete protection available against inbound threats, spam and malware. Its sophisticated content scanning technologies, multiple encryption techniques, and granular, policy-based message handling prevent outbound data loss and simplify compliance.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "7.0.1",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "EMG-5500-C and EMG-5000-C",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "McAfee Email Gateway L2",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2014-09-05",
        "lab": "COACT INC CAFE LAB",
        "validation_type": "Initial"
      }
    ],
    "vendor": "McAfee, Inc.",
    "vendor_url": "http://www.mcafee.com"
  }
}