Assurance Continuity - Xerox® AltaLink™ C8030 / C8035 / C8045 / C8055 / C8070 (HCDPP)
Date of Maintenance Completion: 2019.12.09CC Certificate Validation Report Assurance Activity
Product Type: Multi Function Device
Conformance Claim: Protection Profile Compliant
PP Identifier: Protection Profile for Hardcopy Devices Version 1.0
Original Evaluated TOE: 2019.07.22 - Xerox® AltaLink™ C8030 / C8035 / C8045 / C8055 / C8070
Please note: The above files are for the Original Evaluated TOE. Consequently, they do not refer to this maintained version, although they apply to the maintained version.
Security Target * Assurance Continuity Maintenance Report
Please note: This serves as an addendum to the VR for the Original Evaluated TOE.
* This is the Security Target (ST) associated with this latest Maintenance Release. To view previous STs for this TOE, click here.
Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product. Maintenance only considers the affect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate. Such assurance can only be gained through re-evaluation.
Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of changes on the TOE are considered minor and that independent evaluator analysis was not necessary. A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original validation report and Security Target. Readers are therefore reminded to read the Security Target, Validation Report, and the Assurance Maintenance Report to fully understand the meaning of what a maintained certificate represents.
Description of ASE Changes:
There are over 60 minor changes to the TOE that are comprised of bug fixes that are included in updates and patches to Xerox® AltaLink™ since certification. Most of the bug fixes are related to Energy Star and California State Law default password changes. Several OpenSSL vulnerabilities have also been addressed (see DAR-347405) – critically, the underlying FIPS Object Module and related CAVP certificates remain unchanged. Other changes address audit long inconsistencies, cross site scripting problems, and incorrect test results.
Description of ALC Changes:
Changes to the Security Target revision were made, going from version 0.7 to 0.9 with the addition of Software Patch 417710v1.dlm with Release 101.008.019.20200. No other documentation was affected.
Assurance Continuity Maintenance Report:
· Xerox submitted an Impact Analysis Report (IAR) for the Xerox Multi-Factor Device Security Target Xerox® AltaLink™ C8030 / C8035 / C8045 / C8055 / C8070.
· This Impact Analysis Report (IAR) documents the analysis of a certificate update. A software patch has been issued for the TOE software fix bugs related to Energy Star and California State Law default password change, OpenSSL vulnerabilities, audit log inconsistencies, cross site scripting problems, and incorrect test results. The IAR indicates that the impact of all the individual changes is minor so it concludes that the sum of all the changes to the TOE have only minor impact.
· The IAR lists the changes to the product with resulted in the creation of Software Patch 417710v1.dlm with Release 101.008.019.20200.
· There are no changes to the IT Environment
· Changes to the Security Target are as follows:
o Document version
o Copyright year
o Firmware version
o OpenSSL version in TOE Summary Specification section 6.1.6
· The CI List was updated with the new Security Target revision. No other documentation was affected
· The Protection Profile is unchanged with no Technical Decisions released since the prior Assurance Maintenance. No changes have been made to the hardware of the TOE models; the model names and manufacturing numbers remain the same. The assurance activity coverage is unchanged. The only changes are the bug fixes and security patches.
Description of Regression Testing:
A full suite of regression tests was performed by Xerox to verify all changes included in the patch to verify there are no changes to the results when compared to the original validation. The regression tests are the same HCD PP Assurance Activity tests conducted by the lab during the original validation. The same test plan used during the original validation was reused for the regression tests.
Xerox maintains a security advisory service covering the TOE models at https://security.business.xerox.com/en-us/products/altalink-b8000-series/. The changed TOE software addresses all known public security vulnerabilities. Xerox asserts that there are no known public vulnerabilities in the changed TOE as at October 21, 2019.