Cisco Cisco Firepower Management Center 2000
18
FireSIGHT System Release Notes
Version 5.3.1.3
Resolved Issues
•
The FireSIGHT System Online Help documents that the apply icon for device changes on the Device
Management page (
Management page (
Devices > Device Management
) activates and turns green when out-of-date device
configuration policies need to be reapplied. (144142/CSCze95449)
•
Resolved an issue where a 3D9900 device running a version older than Version 5.3.0.3 registered to
a Defense Center running at least Version 5.3.1 did not generate intrusion events.
(144171/CSCze94677)
a Defense Center running at least Version 5.3.1 did not generate intrusion events.
(144171/CSCze94677)
•
Improved the reliability of URL reputation and detection capabilities. (144196/CSCze94549)
•
Resolved an issue where the system treated DNS traffic as OpenVPN, QQ, and Viber traffic.
(144546/CSCze95528)
(144546/CSCze95528)
•
Resolved an issue where, in some cases, the system misidentified SMTP traffic as FTP and caused
intrusion events for FTP commands that were false positives. (144591/CSCze95154)
intrusion events for FTP commands that were false positives. (144591/CSCze95154)
•
Resolved an issue where, if you added a stack of devices to a group and added the group to your
target list, the system displayed the stack in the group as two targets instead of one target.
(145008/CSCze95316)
target list, the system displayed the stack in the group as two targets instead of one target.
(145008/CSCze95316)
•
Resolved an issue where automatic updates failed if you attempted to download updates while
managing an X-Series device. (145045/CSCze95716)
managing an X-Series device. (145045/CSCze95716)
•
Resolved an issue where systems running Version 5.3 reported port numbers above 32767
incorrectly. (145183/CSCze95390)
incorrectly. (145183/CSCze95390)
•
Resolved an issue where the Defense Center or managed device generated
High Unmanaged Disk
Usage
health alerts. (145221/CSCze9587)
•
Resolved an issue where the system provided an incorrect patch release if you attempted to update
your system using the
your system using the
Download Updates
button on the
Product Updates
page (
System > updates
).
(145172/CSCze95369)
•
Resolved an issue where the system did not provide URL category or reputation information.
(CSCur38971)
(CSCur38971)
•
Resolved an issue where the syslog alert message for events generated by intrusion rules with
preprocessor options enabled caused a Snort Alert message instead of a customized message.
(CSCur40263)
preprocessor options enabled caused a Snort Alert message instead of a customized message.
(CSCur40263)
•
Resolved an issue where the host profile incorrectly displayed multiple IP addresses for a single
managed device. (CSCur42027, CSCur59486)
managed device. (CSCur42027, CSCur59486)
•
Resolved an issue where, if you created a custom workflow and attempted to open the packet view
of an intrusion event, the system opened the incorrect intrusion event in the packet view.
(CSCur48743)
of an intrusion event, the system opened the incorrect intrusion event in the packet view.
(CSCur48743)
•
Resolved an issue where, if you created a scheduled task to install a new version of the database
(VDB) and the Defense Center already had a recent VDB installed, the system switched from active
to standby mode every time the task occurred. (CSCur59252)
(VDB) and the Defense Center already had a recent VDB installed, the system switched from active
to standby mode every time the task occurred. (CSCur59252)
•
Resolved an issue where the system did not display the associated hosts if you expanded a
vulnerability based on a client application from the vulnerabilities network map. (CSCur86191)
vulnerability based on a client application from the vulnerabilities network map. (CSCur86191)
•
Improved the optimization of certain event workflows. (CSCus52203
•
Improved troubleshooting capabilities. (CSCut12157)