Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Security Content Automation Protocol Validation Program

132 BMC SCAP 1.2 Product Validation Record

Validation Number: 132 BMC Software Logo
Vendor: BMC Software
Product Name: BMC Server Automation
Product Major Version: 8.6
Product Version Tested: 8.6.00.197
Tested Platforms:
Microsoft Windows 7, 64 bit
Red Hat Enterprise Linux 5, 64 bit
SCAP 1.2 Capabilities:
Authenticated Configuration Scanner
Common Vulnerabilities and Exposures (CVE)
Open Checklist Interactive Language (OCIL)
Validated Product
Vendor Provided SCAP Information
Dates Tested: 10/21/2014 - 12/15/2014
Report Submitted: 12/15/2014
DTR Version: NISTIR 7511 Rev. 3
Validation Test Suite:
version 1-2.0.0.0 (December 2012 release includes R600-1.2.0.0.1, R1900-1.2.0.0.2, R3300-1.2.0.0.3 out of cycle updates)
version 1-2.0.1.0 (August 2013 release)
version 1-2.0.2.0 (March 2014 release)
version 1-2.0.3.0 (April 2015 release)
version 1-­2.1.0.0 (April 2016 release)
version 1-­2.1.1.0 (June 2016 release)
Previous Validation
SCAP and Product Version:
SCAP 1.0 BMC Software Server Automation 8.2.0
NVLAP Lab: 200416-0 - COACT
Validation Date: 12/30/2014
Comments: An exception was granted for SCAP.R.2000.5 because there isn’t a clearly defined method for exporting the same OVAL variable with multiple values.
Note: The vendor assertions document (aka Vendor Provided SCAP Information) was provided by the vendor. The descriptions do not imply endorsement by the U.S. Government or NIST.

Created November 06, 2017, Updated April 24, 2018