Cisco Cisco Firepower Management Center 2000
31
FireSIGHT System Release Notes
Known Issues
Resolved an issue where, if you clicked on an application in the Denied Connections by Application dashboard
widget, the system did not properly constrain the resulting event view to blocked connections.
(143376/CSCze93645)
widget, the system did not properly constrain the resulting event view to blocked connections.
(143376/CSCze93645)
Resolved an issue where, if you generated a report in CSV format only, report section queries would ignore the option
to inherit the time window. (143403/CSCze94376)
to inherit the time window. (143403/CSCze94376)
Resolved an issue where the Modbus preprocessor failed to generate events after the system missed or dropped a
packet. (142450/CSCze95921)
packet. (142450/CSCze95921)
Resolved an issue where, if you created an access control policy that referenced an SSL policy set to decrypt traffic,
policy apply failed. (144518/CSCze94864)
policy apply failed. (144518/CSCze94864)
Resolved an issue where, if you created an intrusion policy or network analysis policy and added a shared layer to
it, then exported and imported the new policy the system generated a Back-end failed for import error and did not
import the policy. (144905/CSCze96093)
it, then exported and imported the new policy the system generated a Back-end failed for import error and did not
import the policy. (144905/CSCze96093)
Known Issues
The following known issues are reported in Version 5.4.0.5 and Version 5.4.1.4:
In some cases, your system may generate extraneous health alarms if your RAID controller is placed into power
saving mode. (142214/CSCze87267)
saving mode. (142214/CSCze87267)
In some cases, the memory usage health monitor erroneously generates false positives. (144593/CSCze94840)
In some cases, if you create an access control policy that references an SSL policy with Inspect Local Router Traffic
enabled, the system experiences issues. As a workaround, do not enable the Inspect Local Router Traffic option.
(CSCut12631)
enabled, the system experiences issues. As a workaround, do not enable the Inspect Local Router Traffic option.
(CSCut12631)
In some cases, if you edit the admin password for Lights-Out Management (LOM) to include a dollar character ( $ ),
the system automatically changes the Cisco Integrated Management Controller (CIMC) password and truncates the
password after the $ when it should not. As a workaround, log into the CIMC with the truncated password after
editing the LOM admin password and modify the CIMC password to the correct length. (CSCut27442)
the system automatically changes the Cisco Integrated Management Controller (CIMC) password and truncates the
password after the $ when it should not. As a workaround, log into the CIMC with the truncated password after
editing the LOM admin password and modify the CIMC password to the correct length. (CSCut27442)
The asterisk ( * ) character is a supported character in the system file secure-copy CLI command. (CSCuu25329)
The send email check box on the Report Templates tab of the Reporting page (Overview > Reporting) does not stay
selected if you generate a report and then navigate away from the Report Templates tab. (CSCuu41580,
CSCuv43116)
selected if you generate a report and then navigate away from the Report Templates tab. (CSCuu41580,
CSCuv43116)
In some cases, if you create an access control policy referencing a network analysis policy and disable the Modbus
Preprocessor, then enable all the Modbus rules in the Modbus preprocessor listed on the Rule Editor page (Policies
> Intrusion > Rule Editor), the system does not automatically enable the Modbus preprocessor when it should.
(CSCuu66121)
Preprocessor, then enable all the Modbus rules in the Modbus preprocessor listed on the Rule Editor page (Policies
> Intrusion > Rule Editor), the system does not automatically enable the Modbus preprocessor when it should.
(CSCuu66121)
In some cases, if you baseline a managed device to Version 5.4.x with the latest vulnerability database (VDB) and
apply a network discovery policy, then browse with Internet Explorer version 11, the Host Profile pop-window of any
event and the Connection Events page (Analysis > Connections > Events) incorrectly reports the event with Internet
Explorer 7. (CSCuu67292)
apply a network discovery policy, then browse with Internet Explorer version 11, the Host Profile pop-window of any
event and the Connection Events page (Analysis > Connections > Events) incorrectly reports the event with Internet
Explorer 7. (CSCuu67292)
In some cases, the system truncates user names or group names that contain 36 characters or more and are
assigned to an access control policy even though documentation states 36 or more characters is supported.
(CSCuu70235)
assigned to an access control policy even though documentation states 36 or more characters is supported.
(CSCuu70235)
In some cases, the system may not consistently support UTF-8 characters when creating LDAP objects,
downloading groups and users and in the access control policy. As a workaround, create LDAP objects using ACSII
characters on the Microsoft Active Directory Server or the LDAP server. (CSCuv27375)
downloading groups and users and in the access control policy. As a workaround, create LDAP objects using ACSII
characters on the Microsoft Active Directory Server or the LDAP server. (CSCuv27375)