Avaya VoIP PBX System based on the Communication Manager 5.1

CSV information ?

Status archived
Valid from 27.03.2009
Valid until 01.09.2019
Scheme 🇩🇪 DE
Manufacturer Avaya GmbH & Co. KG
Category Other Devices and Systems
Security level ASE_REQ.2, ADV_FSP.2, EAL1+, ASE_OBJ.2, ASE_SPD.1

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-0540-2009

Certification report ?

Extracted keywords

Symmetric Algorithms
AES
Protocols
TLS

Security level
EAL 1, EAL 7, EAL 4, EAL1+, EAL1, EAL3, EAL5, EAL7, EAL2, EAL4, EAL6, EAL 1 augmented
Security Assurance Requirements (SAR)
ADV_FSP.2, ADV_ARC.1, ADV_FSP.1, ADV_FSP.3, ADV_FSP.4, ADV_FSP.5, ADV_FSP.6, ADV_IMP.1, ADV_IMP.2, ADV_INT.1, ADV_INT.2, ADV_INT.3, ADV_SPM.1, ADV_TDS.1, ADV_TDS.2, ADV_TDS.3, ADV_TDS.4, ADV_TDS.5, ADV_TDS.6, ADV_ARC, ADV_FSP, ADV_IMP, ADV_INT, ADV_SPM, ADV_TDS, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_DEL, ALC_CMC.1, ALC_CMC.2, ALC_CMC.3, ALC_CMC.4, ALC_CMC.5, ALC_CMS.1, ALC_CMS.2, ALC_CMS.3, ALC_CMS.4, ALC_CMS.5, ALC_DEL.1, ALC_DVS.1, ALC_DVS.2, ALC_FLR.1, ALC_FLR.2, ALC_FLR.3, ALC_LCD.1, ALC_LCD.2, ALC_TAT.1, ALC_TAT.2, ALC_TAT.3, ALC_CMC, ALC_CMS, ALC_DVS, ALC_FLR, ALC_TAT, ATE_IND.1, ATE_COV.1, ATE_COV.2, ATE_COV.3, ATE_DPT.1, ATE_DPT.2, ATE_DPT.3, ATE_DPT.4, ATE_FUN.1, ATE_FUN.2, ATE_IND.2, ATE_IND.3, ATE_COV, ATE_DPT, ATE_FUN, ATE_IND, AVA_VAN.1, AVA_VAN.2, AVA_VAN.3, AVA_VAN.4, AVA_VAN.5, AVA_VAN, APE_INT.1, APE_CCL.1, APE_SPD.1, APE_OBJ.1, APE_OBJ.2, APE_ECD.1, APE_REQ.1, APE_REQ.2, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_INT.1, ASE_CCL.1, ASE_OBJ.1, ASE_ECD.1, ASE_REQ.1, ASE_TSS.1, ASE_TSS.2, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_SPD, ASE_TSS
Certificates
BSI-DSZ-CC-0540-2009
Certification process
out of scope, may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains, TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network, 1.0, 2009-03-10, Evaluation Technical Report BSI-DSZ-CC-0540, CSC Deutschland Solutions GmbH, (confidential document) [8] Configuration list for the TOE, Version 1.0, 2009-03-09, Avaya VoIP PBX System Configuration, Avaya GmbH & Co KG (confidential document) [9] Guidance CD “Communication Manager 5.0”, Publication Date: January 2008 [10] Guidance CD

Certification process
out of scope, may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains, TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network, 1.0, 2009-03-10, Evaluation Technical Report BSI-DSZ-CC-0540, CSC Deutschland Solutions GmbH, (confidential document) [8] Configuration list for the TOE, Version 1.0, 2009-03-09, Avaya VoIP PBX System Configuration, Avaya GmbH & Co KG (confidential document) [9] Guidance CD “Communication Manager 5.0”, Publication Date: January 2008 [10] Guidance CD

Technical reports
BSI 7125, BSI 7148, BSI 7149

File metadata

Title: Certification Report BSI-DSZ-CC-0540-2009
Subject: Common Criteria Certification
Keywords: "Avaya VoIP PBX Systembased on the Communication Manager 5.1, Avaya GmbH & Co. KG, Avaya Inc., BSI-DSZ-CC-0540-2009"
Author: Bundesamt fĂĽr Sicherheit in der Informationstechnik
Creation date: D:20090421135047+02'00'
Modification date: D:20090504155601+02'00'
Pages: 36
Creator: Writer
Producer: StarOffice 9

Frontpage

Certificate ID: BSI-DSZ-CC-0540-2009
Certified item: Avaya VoIP PBX System based on the Communication Manager 5.1
Certification lab: BSI
Developer: Avaya GmbH & Co. KG sponsored by Avaya Inc

References

Security target ?

Extracted keywords

Symmetric Algorithms
AES
Hash functions
SHA-1
Protocols
SSL, TLS, VPN

Security level
EAL 1, EAL2, EAL1, EAL 1 augmented
Claims
O.AUTHENTICATE, O.CONFCLIENT, O.DISCLOSE, O.LOGEXPORT, O.MEDIATION, O.RESTRICTION, O.SELFPROTECT, A.ADMIN, A.AVAILABLE, A.DEVICES, A.ERRMONITORING, A.LOCATION, A.PHYSICAL, A.SECDEV, A.SECNET, A.USER, A.VPN, OE.ADMIN, OE.OS, OE.AVAILABLE, OE.DEVICES, OE.ERRMONITORING, OE.LOCATION, OE.LOGOUT, OE.NETMONITOR, OE.PHYSICAL, OE.SECDEV, OE.SECNET, OE.USER, OE.VPN, OSP.OS, OSP.NETMONITOR
Security Assurance Requirements (SAR)
ADV_FSP.2, ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ATE_IND.1, AVA_VAN.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_CCL.1, ASE_ECD.1, ASE_REQ.1, ASE_INT.1, ASE_TSS.1
Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FDP_IFC.1, FDP_ITT.2, FDP_ITT.1, FDP_ACC.1, FDP_ITT.2.1, FDP_ITT.2.2, FDP_ETC.2, FDP_ETC.2.1, FDP_ETC.2.2, FDP_ETC.2.3, FDP_ETC.2.4, FDP_ITC.2, FDP_ITC.2.1, FDP_ITC.2.2, FDP_ITC.2.3, FDP_ITC.2.4, FDP_ITC.2.5, FDP_RIP.2, FDP_RIP.1, FDP_RIP.2.1, FDP_ETC.1, FDP_ETC.1.1, FDP_ETC.1.2, FDP_IFF.1, FDP_IFC.1.1, FDP_IFF.1.1, FDP_IFF.1.2, FDP_IFF.1.3, FDP_IFF.1.4, FDP_IFF.1.5, FDP_ACF.1, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FIA_UAU.2, FIA_UAU.1, FIA_UID.1, FIA_UAU.2.1, FIA_UID.2, FIA_UID.2.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UID.1.1, FIA_UID.1.2, FIA_UAU.3, FIA_UAU.3.1, FIA_UAU.3.2, FMT_SMF.1, FMT_SMF.1.1, FMT_MTD.1, FMT_SMR.1, FMT_MTD.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MSA.3, FMT_MSA.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MSA.1.1, FPT_TDC.1, FPT_TDC.1.1, FPT_TDC.1.2, FPT_STM.1, FTP_ITC.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1
Certification process
out of scope, may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains, TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network, are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management

Certification process
out of scope, may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains, TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network, are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management

Standards
CCMB-2006-09-001, CCMB-2007-09-002, CCMB-2007-09-003

File metadata

Title: Avaya VoIP PBX System Security Target
Subject: Common Criteria Evaluation
Keywords: VoIP, CM 5.1, Communication Manager
Author: Avaya GmbH & Co KG
Creation date: D:20090309164738Z
Modification date: D:20090407130547+02'00'
Pages: 63
Creator: Microsoft® Office Word 2007
Producer: Microsoft® Office Word 2007

References

Heuristics ?

Certificate ID: BSI-DSZ-CC-0540-2009

Extracted SARs

APE_ECD.1, APE_INT.1, ASE_OBJ.2, ADV_SPM.1, ADV_TDS.6, ALC_CMC.1, ASE_TSS.1, APE_OBJ.2, ATE_IND.1, ALC_CMS.1, ADV_ARC.1, ALC_DEL.1, ATE_FUN.2, ATE_DPT.4, ALC_LCD.2, ALC_DVS.2, AVA_VAN.1, ASE_REQ.2, ADV_FSP.2, APE_CCL.1, ADV_INT.3, ADV_IMP.2, ASE_CCL.1, ATE_COV.3, APE_REQ.2, ALC_TAT.3, ALC_FLR.3, ASE_ECD.1, AGD_OPE.1, APE_SPD.1, AGD_PRE.1, ASE_SPD.1, ASE_INT.1

References ?

Updates ?

  • 28.01.2022 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name Avaya VoIP PBX System based on the Communication Manager 5.1 was processed.

  • 01.02.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was updated, with the [[0, 'cpe:2.3:a:avaya:communication_manager:5.1:*:*:*:*:*:*:*'], [1, 'cpe:2.3:a:avaya:communication_manager:5.1:sp1:*:*:*:*:*:*'], [5, 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*']] values inserted.
  • 02.02.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was updated, with the [[0, 'cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*'], [1, 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*'], [5, 'cpe:2.3:a:avaya:communication_manager:5.1.1:sp1:*:*:*:*:*:*']] values inserted.
  • 03.02.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was updated, with the [[0, 'cpe:2.3:a:avaya:communication_manager:5.1.1:sp1:*:*:*:*:*:*'], [1, 'cpe:2.3:a:avaya:communication_manager:5.1.1:*:*:*:*:*:*:*'], [4, 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*'], [5, 'cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*']] values inserted.
  • 11.02.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was updated, with the [[0, 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*'], [1, 'cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*']] values inserted.
  • 12.02.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was updated, with the [[3, 'cpe:2.3:a:avaya:communication_manager:5.1:*:*:*:*:*:*:*'], [4, 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*'], [5, 'cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*']] values inserted.
  • 18.02.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.
    • The st_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.

    The computed heuristics were updated.

    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['5.1']}.
    • The cpe_matches property was set to {'_type': 'Set', 'elements': ['cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1.1:sp1:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1:sp1:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1.1:*:*:*:*:*:*:*']}.
  • 08.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.
    • The following properties were deleted: ['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
  • 28.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was set to None.
    • The related_cves property was set to None.
  • 29.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was set to {'_type': 'Set', 'elements': ['cpe:2.3:a:avaya:communication_manager:5.1.2:sp0:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1:*:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1.1:sp1:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1.2:*:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1:sp1:*:*:*:*:*:*', 'cpe:2.3:a:avaya:communication_manager:5.1.1:*:*:*:*:*:*:*']}.
    • The related_cves property was set to {'_type': 'Set', 'elements': ['CVE-2008-5710']}.
  • 24.04.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'direct_dependency_cves': None, 'indirect_dependency_cves': None}.
  • 13.05.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'ATE_COV', 'level': 3}, {'_type': 'SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'SAR', 'family': 'APE_OBJ', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'SAR', 'family': 'ATE_DPT', 'level': 4}, {'_type': 'SAR', 'family': 'APE_INT', 'level': 1}, {'_type': 'SAR', 'family': 'APE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_INT', 'level': 3}, {'_type': 'SAR', 'family': 'ATE_IND', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'APE_REQ', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_TAT', 'level': 3}, {'_type': 'SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'SAR', 'family': 'ATE_FUN', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_IMP', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_DVS', 'level': 2}, {'_type': 'SAR', 'family': 'ALC_CMC', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'SAR', 'family': 'AVA_VAN', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_LCD', 'level': 2}, {'_type': 'SAR', 'family': 'APE_SPD', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'APE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_FSP', 'level': 2}]}}.
  • 14.06.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'report_pdf_hash': '9f4879e4abd4c163126e8254ff10a9093bf1b6fe1938514c9051dc08cacdb448', 'st_pdf_hash': '99857098e63344f238de78ebaa01b5f253a1b7b8e4f368f1611f25649e1557da', 'report_txt_hash': '9e824c5afb1813525ec5bde108547b66a95ae03d21e9bac851c88ba26618c039', 'st_txt_hash': 'f3d2ba93631a3e4249302b5b89fc596aedb011b4f3cfb8f7ce54e73c116d9ad3'}.

    The PDF extraction data was updated.

    • The report_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 1}, 'rules_asymmetric_crypto': {}, 'rules_pq_crypto': {}, 'rules_hashes': {}, 'rules_crypto_schemes': {'TLS': 2}, 'rules_randomness': {}, 'rules_tee': {'SE': 1}, 'rules_side_channels': {}} values inserted.
    • The st_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 1}, 'rules_asymmetric_crypto': {}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA-1': 1}, 'rules_crypto_schemes': {'TLS': 4, 'SSL': 1}, 'rules_randomness': {}, 'rules_tee': {'SE': 1}, 'rules_side_channels': {}} values inserted.
  • 17.07.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.bsi.bund.de/']}} values inserted.
    • The st_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': []}} values inserted.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-0540-2009': 66}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 1': 5, 'EAL 7': 1, 'EAL 4': 1, 'EAL1+': 2, 'EAL1': 6, 'EAL2': 4, 'EAL3': 4, 'EAL4': 5, 'EAL5': 6, 'EAL6': 4, 'EAL7': 4, 'EAL 1 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_FSP.2': 4, 'ADV_ARC.1': 1, 'ADV_FSP.1': 1, 'ADV_FSP.3': 1, 'ADV_FSP.4': 1, 'ADV_FSP.5': 1, 'ADV_FSP.6': 1, 'ADV_IMP.1': 1, 'ADV_IMP.2': 1, 'ADV_INT.1': 1, 'ADV_INT.2': 1, 'ADV_INT.3': 1, 'ADV_SPM.1': 1, 'ADV_TDS.1': 1, 'ADV_TDS.2': 1, 'ADV_TDS.3': 1, 'ADV_TDS.4': 1, 'ADV_TDS.5': 1, 'ADV_TDS.6': 1, 'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP': 1, 'ADV_INT': 1, 'ADV_SPM': 1, 'ADV_TDS': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1, 'AGD_OPE': 1, 'AGD_PRE': 1}, 'ALC': {'ALC_DEL': 2, 'ALC_CMC.1': 1, 'ALC_CMC.2': 1, 'ALC_CMC.3': 1, 'ALC_CMC.4': 1, 'ALC_CMC.5': 1, 'ALC_CMS.1': 1, 'ALC_CMS.2': 1, 'ALC_CMS.3': 1, 'ALC_CMS.4': 1, 'ALC_CMS.5': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_DVS.2': 1, 'ALC_FLR.1': 1, 'ALC_FLR.2': 1, 'ALC_FLR.3': 1, 'ALC_LCD.1': 1, 'ALC_LCD.2': 1, 'ALC_TAT.1': 1, 'ALC_TAT.2': 1, 'ALC_TAT.3': 1, 'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DVS': 1, 'ALC_FLR': 1, 'ALC_LCD': 1, 'ALC_TAT': 1}, 'ATE': {'ATE_COV.1': 1, 'ATE_COV.2': 1, 'ATE_COV.3': 1, 'ATE_DPT.1': 1, 'ATE_DPT.2': 1, 'ATE_DPT.3': 1, 'ATE_DPT.4': 1, 'ATE_FUN.1': 1, 'ATE_FUN.2': 1, 'ATE_IND.1': 1, 'ATE_IND.2': 1, 'ATE_IND.3': 1, 'ATE_COV': 1, 'ATE_DPT': 1, 'ATE_FUN': 1, 'ATE_IND': 1}, 'AVA': {'AVA_VAN.1': 2, 'AVA_VAN.2': 1, 'AVA_VAN.3': 1, 'AVA_VAN.4': 1, 'AVA_VAN.5': 1, 'AVA_VAN': 2}, 'APE': {'APE_INT.1': 1, 'APE_CCL.1': 1, 'APE_SPD.1': 1, 'APE_OBJ.1': 1, 'APE_OBJ.2': 1, 'APE_ECD.1': 1, 'APE_REQ.1': 1, 'APE_REQ.2': 1}, 'ASE': {'ASE_OBJ.2': 5, 'ASE_REQ.2': 5, 'ASE_SPD.1': 5, 'ASE_INT.1': 1, 'ASE_CCL.1': 1, 'ASE_OBJ.1': 1, 'ASE_ECD.1': 1, 'ASE_REQ.1': 1, 'ASE_TSS.1': 1, 'ASE_TSS.2': 1, 'ASE_CCL': 1, 'ASE_ECD': 1, 'ASE_INT': 1, 'ASE_OBJ': 1, 'ASE_SPD': 1, 'ASE_TSS': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'TLS': {'TLS': {'TLS': 2}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI 7125': 2, 'BSI 7148': 1, 'BSI 7149': 1}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'.1X network device authentication. They are out of scope. Their existence and their security features can be assumed': 1, '. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk': 1, 'vices may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains': 1, 'he TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network': 1}, 'ConfidentialDocument': {'sion 1.0, 2009-03-10, Evaluation Technical Report BSI-DSZ-CC-0540, CSC Deutschland Solutions GmbH, (confidential document) [8] Configuration list for the TOE, Version 1.0, 2009-03-09, Avaya VoIP PBX System Configuration': 1, 'List, Avaya GmbH & Co KG (confidential document) [9] Guidance CD “Communication Manager 5.0”, Publication Date: January 2008 [10] Guidance CD': 1}}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 1': 2, 'EAL2': 1, 'EAL1': 1, 'EAL 1 augmented': 2}}, 'cc_sar': {'ADV': {'ADV_FSP.2': 6, 'ADV_TDS.1': 1, 'ADV_FSP.1': 4}, 'AGD': {'AGD_OPE.1': 5, 'AGD_PRE.1': 5}, 'ALC': {'ALC_CMC.1': 1, 'ALC_CMS.1': 2}, 'ATE': {'ATE_IND.1': 1}, 'AVA': {'AVA_VAN.1': 1}, 'ASE': {'ASE_OBJ.2': 4, 'ASE_REQ.2': 5, 'ASE_SPD.1': 4, 'ASE_CCL.1': 1, 'ASE_INT.1': 3, 'ASE_ECD.1': 3, 'ASE_REQ.1': 2, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN.1': 7, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1}, 'FDP': {'FDP_IFC.1': 48, 'FDP_ITT.2': 6, 'FDP_ITT.1': 1, 'FDP_ACC.1': 17, 'FDP_ITT.2.1': 1, 'FDP_ITT.2.2': 1, 'FDP_ETC.2': 6, 'FDP_ETC.2.1': 1, 'FDP_ETC.2.2': 1, 'FDP_ETC.2.3': 1, 'FDP_ETC.2.4': 1, 'FDP_ITC.2': 6, 'FDP_ITC.2.1': 1, 'FDP_ITC.2.2': 1, 'FDP_ITC.2.3': 1, 'FDP_ITC.2.4': 1, 'FDP_ITC.2.5': 1, 'FDP_RIP.2': 6, 'FDP_RIP.1': 1, 'FDP_RIP.2.1': 1, 'FDP_ETC.1': 6, 'FDP_ETC.1.1': 1, 'FDP_ETC.1.2': 1, 'FDP_IFF.1': 27, 'FDP_IFC.1.1': 3, 'FDP_IFF.1.1': 3, 'FDP_IFF.1.2': 3, 'FDP_IFF.1.3': 3, 'FDP_IFF.1.4': 3, 'FDP_IFF.1.5': 3, 'FDP_ACF.1': 8, 'FDP_ACC.1.1': 1, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 1, 'FDP_ACF.1.4': 1}, 'FIA': {'FIA_UAU.2': 10, 'FIA_UAU.1': 8, 'FIA_UID.1': 21, 'FIA_UAU.2.1': 2, 'FIA_UID.2': 14, 'FIA_UID.2.1': 2, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_UAU.3': 6, 'FIA_UAU.3.1': 1, 'FIA_UAU.3.2': 1}, 'FMT': {'FMT_SMF.1': 50, 'FMT_SMF.1.1': 6, 'FMT_MTD.1': 15, 'FMT_SMR.1': 45, 'FMT_MTD.1.1': 3, 'FMT_SMR.1.1': 2, 'FMT_SMR.1.2': 2, 'FMT_MSA.3': 35, 'FMT_MSA.1': 28, 'FMT_MSA.3.1': 4, 'FMT_MSA.3.2': 4, 'FMT_MSA.1.1': 3}, 'FPT': {'FPT_TDC.1': 9, 'FPT_TDC.1.1': 1, 'FPT_TDC.1.2': 1, 'FPT_STM.1': 2}, 'FTP': {'FTP_ITC.1': 14, 'FTP_ITC.1.1': 2, 'FTP_ITC.1.2': 2, 'FTP_ITC.1.3': 2, 'FTP_TRP.1': 1}}, 'cc_claims': {'O': {'O.AUTHENTICATE': 1, 'O.CONFCLIENT': 1, 'O.DISCLOSE': 1, 'O.LOGEXPORT': 1, 'O.MEDIATION': 1, 'O.RESTRICTION': 1, 'O.SELFPROTECT': 1}, 'T': {'T': 3}, 'A': {'A.ADMIN': 4, 'A.AVAILABLE': 3, 'A.DEVICES': 3, 'A.ERRMONITORING': 3, 'A.LOCATION': 3, 'A.PHYSICAL': 4, 'A.SECDEV': 3, 'A.SECNET': 3, 'A.USER': 3, 'A.VPN': 3}, 'R': {'R': 1}, 'OE': {'OE': 3, 'OE.ADMIN': 14, 'OE.OS': 3, 'OE.AVAILABLE': 3, 'OE.DEVICES': 3, 'OE.ERRMONITORING': 5, 'OE.LOCATION': 6, 'OE.LOGOUT': 3, 'OE.NETMONITOR': 8, 'OE.PHYSICAL': 9, 'OE.SECDEV': 3, 'OE.SECNET': 4, 'OE.USER': 3, 'OE.VPN': 4}, 'OSP': {'OSP.OS': 4, 'OSP.NETMONITOR': 3}}, 'vendor': {'STMicroelectronics': {'STM': 2}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 1}}}, 'crypto_scheme': {'KA': {'KA': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}, 'TLS': {'TLS': 4}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'CC': {'CCMB-2006-09-001': 2, 'CCMB-2007-09-002': 2, 'CCMB-2007-09-003': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, '.1X network device authentication. They are out of scope. Their existence and their security features can be assumed': 1, '. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk': 1, 'vices may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains': 1, 'he TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network': 1, 'warding are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management': 1}}}.

    The computed heuristics were updated.

    • The _type property was set to Heuristics.
  • 18.07.2022 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.common_criteria.CommonCriteriaCert.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState.

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData.

    The computed heuristics were updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics.
    • The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The report_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The extracted_sars property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_SPM', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'APE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}]}.
  • 24.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The following values were inserted: {'report_filename': '0540a.pdf', 'st_filename': '0540b.pdf'}.
    • The report_keywords property was updated, with the {'cc_cert_id': {'__update__': {'DE': {'__update__': {'BSI-DSZ-CC-0540-2009': 32}}}}, 'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL2': 3, 'EAL4': 4, 'EAL6': 3}}}}, 'cc_sar': {'__update__': {'ADV': {'__update__': {'ADV_FSP.2': 5}}, 'ALC': {'__delete__': ['ALC_LCD']}, 'ATE': {'__update__': {'ATE_IND.1': 2}}}}, 'tee_name': {}, 'certification_process': {'__update__': {'OutOfScope': {'out of scope': 2, 'may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains': 1, 'TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network': 1}, 'ConfidentialDocument': {'1.0, 2009-03-10, Evaluation Technical Report BSI-DSZ-CC-0540, CSC Deutschland Solutions GmbH, (confidential document) [8] Configuration list for the TOE, Version 1.0, 2009-03-09, Avaya VoIP PBX System Configuration': 1, 'Avaya GmbH & Co KG (confidential document) [9] Guidance CD “Communication Manager 5.0”, Publication Date: January 2008 [10] Guidance CD': 1}}}} data.
    • The st_keywords property was updated, with the {'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL 1': 1, 'EAL 1 augmented': 1}}}}, 'cc_sar': {'__update__': {'ADV': {'__update__': {'ADV_FSP.2': 7}, '__delete__': ['ADV_TDS.1']}, 'ALC': {'__update__': {'ALC_CMS.1': 1}}, 'ASE': {'__update__': {'ASE_SPD.1': 3, 'ASE_INT.1': 1, 'ASE_ECD.1': 1}}}}, 'cc_sfr': {'__update__': {'FDP': {'__update__': {'FDP_IFC.1': 47}}, 'FMT': {'__update__': {'FMT_SMR.1': 44}}}}, 'cc_claims': {'__update__': {'OE': {'__update__': {'OE.AVAILABLE': 2, 'OE.LOCATION': 5, 'OE.NETMONITOR': 7, 'OE.SECDEV': 2, 'OE.USER': 2}, '__delete__': ['OE']}}, '__delete__': ['T', 'R']}, 'vendor': {}, 'crypto_scheme': {}, 'tee_name': {}, 'certification_process': {'__update__': {'OutOfScope': {'__insert__': {'may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains': 1, 'TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network': 1, 'are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management': 1}, '__update__': {'out of scope': 3}, '__delete__': ['.1X network device authentication. They are out of scope. Their existence and their security features can be assumed', '. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk', 'vices may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone “Server” contains', 'he TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network', 'warding are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management']}}}} data.

    The computed heuristics were updated.

    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 6}]} values added.
  • 26.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The st_keywords property was updated, with the {'crypto_protocol': {'__insert__': {'VPN': {'VPN': 14}}}} data.
  • 05.10.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'st_convert_garbage': False, 'report_convert_garbage': False}.
  • 10.10.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The cpe_matches property was set to None.
    • The related_cves property was set to None.

Raw data

{
  "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert",
  "category": "Other Devices and Systems",
  "cert_link": null,
  "dgst": "61821500cddab34f",
  "heuristics": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics",
    "cert_id": "BSI-DSZ-CC-0540-2009",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_dependency_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_SPM",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_INT",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "APE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 6
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "5.1"
      ]
    },
    "indirect_dependency_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Avaya GmbH \u0026 Co. KG",
  "manufacturer_web": "https://www.avaya.com/de/",
  "name": "Avaya VoIP PBX System based on the Communication Manager 5.1",
  "not_valid_after": "2019-09-01",
  "not_valid_before": "2009-03-27",
  "pdf_data": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData",
    "report_filename": "0540a.pdf",
    "report_frontpage": {
      "anssi": {},
      "bsi": {
        "cert_id": "BSI-DSZ-CC-0540-2009",
        "cert_item": "Avaya VoIP PBX System based on the Communication Manager 5.1",
        "cert_lab": "BSI",
        "developer": "Avaya GmbH \u0026 Co. KG sponsored by Avaya Inc",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ]
      },
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0540-2009": 32
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1,
          "ADV_ARC.1": 1,
          "ADV_FSP": 1,
          "ADV_FSP.1": 1,
          "ADV_FSP.2": 5,
          "ADV_FSP.3": 1,
          "ADV_FSP.4": 1,
          "ADV_FSP.5": 1,
          "ADV_FSP.6": 1,
          "ADV_IMP": 1,
          "ADV_IMP.1": 1,
          "ADV_IMP.2": 1,
          "ADV_INT": 1,
          "ADV_INT.1": 1,
          "ADV_INT.2": 1,
          "ADV_INT.3": 1,
          "ADV_SPM": 1,
          "ADV_SPM.1": 1,
          "ADV_TDS": 1,
          "ADV_TDS.1": 1,
          "ADV_TDS.2": 1,
          "ADV_TDS.3": 1,
          "ADV_TDS.4": 1,
          "ADV_TDS.5": 1,
          "ADV_TDS.6": 1
        },
        "AGD": {
          "AGD_OPE": 1,
          "AGD_OPE.1": 1,
          "AGD_PRE": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC": 1,
          "ALC_CMC.1": 1,
          "ALC_CMC.2": 1,
          "ALC_CMC.3": 1,
          "ALC_CMC.4": 1,
          "ALC_CMC.5": 1,
          "ALC_CMS": 1,
          "ALC_CMS.1": 1,
          "ALC_CMS.2": 1,
          "ALC_CMS.3": 1,
          "ALC_CMS.4": 1,
          "ALC_CMS.5": 1,
          "ALC_DEL": 2,
          "ALC_DEL.1": 1,
          "ALC_DVS": 1,
          "ALC_DVS.1": 1,
          "ALC_DVS.2": 1,
          "ALC_FLR": 1,
          "ALC_FLR.1": 1,
          "ALC_FLR.2": 1,
          "ALC_FLR.3": 1,
          "ALC_LCD.1": 1,
          "ALC_LCD.2": 1,
          "ALC_TAT": 1,
          "ALC_TAT.1": 1,
          "ALC_TAT.2": 1,
          "ALC_TAT.3": 1
        },
        "APE": {
          "APE_CCL.1": 1,
          "APE_ECD.1": 1,
          "APE_INT.1": 1,
          "APE_OBJ.1": 1,
          "APE_OBJ.2": 1,
          "APE_REQ.1": 1,
          "APE_REQ.2": 1,
          "APE_SPD.1": 1
        },
        "ASE": {
          "ASE_CCL": 1,
          "ASE_CCL.1": 1,
          "ASE_ECD": 1,
          "ASE_ECD.1": 1,
          "ASE_INT": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ": 1,
          "ASE_OBJ.1": 1,
          "ASE_OBJ.2": 5,
          "ASE_REQ.1": 1,
          "ASE_REQ.2": 5,
          "ASE_SPD": 1,
          "ASE_SPD.1": 5,
          "ASE_TSS": 1,
          "ASE_TSS.1": 1,
          "ASE_TSS.2": 1
        },
        "ATE": {
          "ATE_COV": 1,
          "ATE_COV.1": 1,
          "ATE_COV.2": 1,
          "ATE_COV.3": 1,
          "ATE_DPT": 1,
          "ATE_DPT.1": 1,
          "ATE_DPT.2": 1,
          "ATE_DPT.3": 1,
          "ATE_DPT.4": 1,
          "ATE_FUN": 1,
          "ATE_FUN.1": 1,
          "ATE_FUN.2": 1,
          "ATE_IND": 1,
          "ATE_IND.1": 2,
          "ATE_IND.2": 1,
          "ATE_IND.3": 1
        },
        "AVA": {
          "AVA_VAN": 2,
          "AVA_VAN.1": 2,
          "AVA_VAN.2": 1,
          "AVA_VAN.3": 1,
          "AVA_VAN.4": 1,
          "AVA_VAN.5": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 5,
          "EAL 1 augmented": 3,
          "EAL 4": 1,
          "EAL 7": 1,
          "EAL1": 6,
          "EAL1+": 2,
          "EAL2": 3,
          "EAL3": 4,
          "EAL4": 4,
          "EAL5": 6,
          "EAL6": 3,
          "EAL7": 4
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "1.0, 2009-03-10, Evaluation Technical Report BSI-DSZ-CC-0540, CSC Deutschland Solutions GmbH, (confidential document) [8] Configuration list for the TOE, Version 1.0, 2009-03-09, Avaya VoIP PBX System Configuration": 1,
          "Avaya GmbH \u0026 Co KG (confidential document) [9] Guidance CD \u201cCommunication Manager 5.0\u201d, Publication Date: January 2008 [10] Guidance CD": 1
        },
        "OutOfScope": {
          "TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network": 1,
          "may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone \u201cServer\u201d contains": 1,
          "out of scope": 2
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "TLS": {
            "TLS": 2
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7125": 2,
          "BSI 7148": 1,
          "BSI 7149": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20090421135047+02\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Avaya VoIP PBX Systembased on the Communication Manager 5.1, Avaya GmbH \u0026 Co. KG, Avaya Inc., BSI-DSZ-CC-0540-2009\"",
      "/ModDate": "D:20090504155601+02\u002700\u0027",
      "/Producer": "StarOffice 9",
      "/Subject": "Common Criteria Certification",
      "/Title": "Certification Report BSI-DSZ-CC-0540-2009",
      "pdf_file_size_bytes": 856495,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.bsi.bund.de/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 36
    },
    "st_filename": "0540b.pdf",
    "st_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "st_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.ADMIN": 4,
          "A.AVAILABLE": 3,
          "A.DEVICES": 3,
          "A.ERRMONITORING": 3,
          "A.LOCATION": 3,
          "A.PHYSICAL": 4,
          "A.SECDEV": 3,
          "A.SECNET": 3,
          "A.USER": 3,
          "A.VPN": 3
        },
        "O": {
          "O.AUTHENTICATE": 1,
          "O.CONFCLIENT": 1,
          "O.DISCLOSE": 1,
          "O.LOGEXPORT": 1,
          "O.MEDIATION": 1,
          "O.RESTRICTION": 1,
          "O.SELFPROTECT": 1
        },
        "OE": {
          "OE.ADMIN": 14,
          "OE.AVAILABLE": 2,
          "OE.DEVICES": 3,
          "OE.ERRMONITORING": 5,
          "OE.LOCATION": 5,
          "OE.LOGOUT": 3,
          "OE.NETMONITOR": 7,
          "OE.OS": 3,
          "OE.PHYSICAL": 9,
          "OE.SECDEV": 2,
          "OE.SECNET": 4,
          "OE.USER": 2,
          "OE.VPN": 4
        },
        "OSP": {
          "OSP.NETMONITOR": 3,
          "OSP.OS": 4
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_FSP.1": 4,
          "ADV_FSP.2": 7
        },
        "AGD": {
          "AGD_OPE.1": 5,
          "AGD_PRE.1": 5
        },
        "ALC": {
          "ALC_CMC.1": 1,
          "ALC_CMS.1": 1
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.2": 4,
          "ASE_REQ.1": 2,
          "ASE_REQ.2": 5,
          "ASE_SPD.1": 3,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_IND.1": 1
        },
        "AVA": {
          "AVA_VAN.1": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 1 augmented": 1,
          "EAL1": 1,
          "EAL2": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN.1": 7,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1
        },
        "FDP": {
          "FDP_ACC.1": 17,
          "FDP_ACC.1.1": 1,
          "FDP_ACF.1": 8,
          "FDP_ACF.1.1": 1,
          "FDP_ACF.1.2": 1,
          "FDP_ACF.1.3": 1,
          "FDP_ACF.1.4": 1,
          "FDP_ETC.1": 6,
          "FDP_ETC.1.1": 1,
          "FDP_ETC.1.2": 1,
          "FDP_ETC.2": 6,
          "FDP_ETC.2.1": 1,
          "FDP_ETC.2.2": 1,
          "FDP_ETC.2.3": 1,
          "FDP_ETC.2.4": 1,
          "FDP_IFC.1": 47,
          "FDP_IFC.1.1": 3,
          "FDP_IFF.1": 27,
          "FDP_IFF.1.1": 3,
          "FDP_IFF.1.2": 3,
          "FDP_IFF.1.3": 3,
          "FDP_IFF.1.4": 3,
          "FDP_IFF.1.5": 3,
          "FDP_ITC.2": 6,
          "FDP_ITC.2.1": 1,
          "FDP_ITC.2.2": 1,
          "FDP_ITC.2.3": 1,
          "FDP_ITC.2.4": 1,
          "FDP_ITC.2.5": 1,
          "FDP_ITT.1": 1,
          "FDP_ITT.2": 6,
          "FDP_ITT.2.1": 1,
          "FDP_ITT.2.2": 1,
          "FDP_RIP.1": 1,
          "FDP_RIP.2": 6,
          "FDP_RIP.2.1": 1
        },
        "FIA": {
          "FIA_UAU.1": 8,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UAU.2": 10,
          "FIA_UAU.2.1": 2,
          "FIA_UAU.3": 6,
          "FIA_UAU.3.1": 1,
          "FIA_UAU.3.2": 1,
          "FIA_UID.1": 21,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1,
          "FIA_UID.2": 14,
          "FIA_UID.2.1": 2
        },
        "FMT": {
          "FMT_MSA.1": 28,
          "FMT_MSA.1.1": 3,
          "FMT_MSA.3": 35,
          "FMT_MSA.3.1": 4,
          "FMT_MSA.3.2": 4,
          "FMT_MTD.1": 15,
          "FMT_MTD.1.1": 3,
          "FMT_SMF.1": 50,
          "FMT_SMF.1.1": 6,
          "FMT_SMR.1": 44,
          "FMT_SMR.1.1": 2,
          "FMT_SMR.1.2": 2
        },
        "FPT": {
          "FPT_STM.1": 2,
          "FPT_TDC.1": 9,
          "FPT_TDC.1.1": 1,
          "FPT_TDC.1.2": 1
        },
        "FTP": {
          "FTP_ITC.1": 14,
          "FTP_ITC.1.1": 2,
          "FTP_ITC.1.2": 2,
          "FTP_ITC.1.3": 2,
          "FTP_TRP.1": 1
        }
      },
      "certification_process": {
        "OutOfScope": {
          "TOE but relevant for the operation. Also here, the network devices like switches and routers are out of scope. This holds also valid for the connection to the internet (the SIP trunk) and the required network": 1,
          "are held by us. In order to define the logical scope in detail, the following functions are out of scope of the TOE: Boarder protection of all external connections like SIP trunks or remote management": 1,
          "may implement some security features like IEEE 802.1X network device authentication. They are out of scope. Their existence and their security features can be assumed. The protection zone \u201cServer\u201d contains": 1,
          "out of scope": 3
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 1
          },
          "TLS": {
            "TLS": 4
          }
        },
        "VPN": {
          "VPN": 14
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2006-09-001": 2,
          "CCMB-2007-09-002": 2,
          "CCMB-2007-09-003": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Avaya GmbH \u0026 Co KG",
      "/CreationDate": "D:20090309164738Z",
      "/Creator": "Microsoft\u00ae Office Word 2007",
      "/Keywords": "VoIP, CM 5.1, Communication Manager",
      "/ModDate": "D:20090407130547+02\u002700\u0027",
      "/Producer": "Microsoft\u00ae Office Word 2007",
      "/Subject": "Common Criteria Evaluation",
      "/Title": "Avaya VoIP PBX System Security Target",
      "pdf_file_size_bytes": 773349,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 63
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/files/epfiles/0540a.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "EAL1+",
      "ASE_SPD.1",
      "ASE_REQ.2",
      "ASE_OBJ.2",
      "ADV_FSP.2"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0540b.pdf",
  "state": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState",
    "errors": [],
    "report_convert_garbage": false,
    "report_convert_ok": true,
    "report_download_ok": true,
    "report_extract_ok": true,
    "report_pdf_hash": "9f4879e4abd4c163126e8254ff10a9093bf1b6fe1938514c9051dc08cacdb448",
    "report_txt_hash": "9e824c5afb1813525ec5bde108547b66a95ae03d21e9bac851c88ba26618c039",
    "st_convert_garbage": false,
    "st_convert_ok": true,
    "st_download_ok": true,
    "st_extract_ok": true,
    "st_pdf_hash": "99857098e63344f238de78ebaa01b5f253a1b7b8e4f368f1611f25649e1557da",
    "st_txt_hash": "f3d2ba93631a3e4249302b5b89fc596aedb011b4f3cfb8f7ce54e73c116d9ad3"
  },
  "status": "archived"
}