National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Security Content Automation Protocol (SCAP) 1.2 Product Validation Record

Validation Number: 126 Tripwire
Vendor: Tripwire
Product Name: Tripwire Enterprise
Product Major Version: 8
Product Version Tested: 8.3.2
Tested Platforms:
Microsoft Windows 7, 64 bit
Microsoft Windows 7, 32 bit
Red Hat Enterprise Linux 5 Desktop, 64 bit
Red Hat Enterprise Linux 5 Desktop, 32 bit
SCAP 1.2 Capabilities:
Authenticated Configuration Scanner
Common Vulnerabilities and Exposures (CVE)
Validated Product
Vendor Provided SCAP Information
Dates Tested: 4/1/2013 12:00:00 AM - 11/4/2013 12:00:00 AM
Report Submitted: 11/7/2013 12:00:00 AM
DTR Version: NIST IR 7511 Revision 3
Validation Test Suite:
version 1-2.0.0.0 (December 2012 release includes R600-1.2.0.0.1, R1900-1.2.0.0.2, R3300-1.2.0.0.3 out of cycle updates)
version 1-2.0.1.0 (August 2013 release)
version 1-2.0.2.0 (March 2014 release)
version 1-2.0.3.0 (April 2015 release)
version 1-­2.1.0.0 (April 2016 release)
version 1-­2.1.1.0 (June 2016 release)
Previous Validation
SCAP and Product Version:
SCAP 1.0 – Tripwire Version 8
NVLAP Lab: 200427-0 - Leidos
Validation Date: 11/7/2013 12:00:00 AM
Comments: An exception was granted for SCAP.R.2000.5 because there isn’t a clearly defined method for exporting the same OVAL variable with multiple values. Exceptions were granted for validation tests that contained bugs which were subsequently fixed in version 1-2.0.1.0 of the validation test suite. The validation test content change log version 1-2.0.1.0 contains the complete list.

Note: The vendor assertions document (aka Vendor Provided SCAP Information) was provided by the vendor. The descriptions do not imply endorsement by the U.S. Government or NIST.