National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Security Content Automation Protocol (SCAP) 1.2 Product Validation Record

Validation Number: 132 BMC Software
Vendor: BMC Software
Product Name: BMC Server Automation
Product Major Version: 8.6
Product Version Tested: 8.6.00.197
Tested Platforms:
Microsoft Windows 7, 64 bit
Red Hat Enterprise Linux 5.9 Desktop, 64 bit (x86_64)
SCAP 1.2 Capabilities:
Authenticated Configuration Scanner
Common Vulnerabilities and Exposures (CVE)
Open Checklist Interactive Language (OCIL)
Validated Product
Vendor Provided SCAP Information
Dates Tested: 10/21/2014 12:00:00 AM - 12/15/2014 12:00:00 AM
Report Submitted: 12/15/2014 12:00:00 AM
DTR Version: NIST IR 7511 Revision 3
Validation Test Suite:
version 1-2.0.0.0 (December 2012 release includes R600-1.2.0.0.1, R1900-1.2.0.0.2, R3300-1.2.0.0.3 out of cycle updates)
version 1-2.0.1.0 (August 2013 release)
version 1-2.0.2.0 (March 2014 release)
version 1-2.0.3.0 (April 2015 release)
version 1-­2.1.0.0 (April 2016 release)
version 1-­2.1.1.0 (June 2016 release)
Previous Validation
SCAP and Product Version:
SCAP 1.0 BMC Software Server Automation 8.2.0
NVLAP Lab: 200416-0 - COACT
Validation Date: 12/30/2014 12:00:00 AM
Comments: An exception was granted for SCAP.R.2000.5 because there isn’t a clearly defined method for exporting the same OVAL variable with multiple values.

Note: The vendor assertions document (aka Vendor Provided SCAP Information) was provided by the vendor. The descriptions do not imply endorsement by the U.S. Government or NIST.