Cisco Cisco Firepower Management Center 2000
28
FireSIGHT System Release Notes
Version 5.3.1.6
Known Issues
•
In some case, if you attempt to restore a backup archive located on a Windows network file server
(NFS), backup restoration fails. As a workaround, manually transfer your archived files with
WinSCP. (CSCut08317)
(NFS), backup restoration fails. As a workaround, manually transfer your archived files with
WinSCP. (CSCut08317)
•
You are unable to block URL's which have not been categorized or assigned a reputation score.
(CSCut17683)
(CSCut17683)
•
In some cases, if your Defense Center's database experiences system issues, you may be missing
your access control policy or your access control policy may be missing rules. If you experience
missing rules in your access control policy, contact support. (CSCut30047)
your access control policy or your access control policy may be missing rules. If you experience
missing rules in your access control policy, contact support. (CSCut30047)
•
Access control policy rules currently do not support LDAP group names with 37 or more characters.
(CSCut34003)
(CSCut34003)
•
The Backup Management tab of the
Managed Device Backup
page (
System > Tools > Backup/Restore >
Managed Device Backup
) does not include registered ASA55X5 or ASA55X5-SSP-XX devices as
options. (CSCut41338)
•
In some cases, if you create an access control policy referencing either a network rule set to block
all IPv6 addresses with
all IPv6 addresses with
::/0
or a network rule set to block all IPv4 addresses with
0.0.0.0/0
, the
system incorrectly blocks all traffic. (CSCut58667)
•
In some cases, if the system attempts to query an unknown URL, the Cloud Lookup Health Module
generates false positive alerts. (CSCut77594)
generates false positive alerts. (CSCut77594)
•
Because of an invalid symbolic link, the
/var/home
directory on a Defense Center appears to be
empty. (CSCut80381)
•
If you edit an access control rule with multiple category conditions and attempt to remove one of
the conditions, the web management interface only removes the first category condition listed
regardless of the condition selected. (CSCuu00585)
the conditions, the web management interface only removes the first category condition listed
regardless of the condition selected. (CSCuu00585)
•
In some cases, if you copy the Top Intrusion Events table from a recently created FireSIGHT Report,
the Fields row of the generated table does not include data. As a workaround, manually populate
data for the Fields row of the copied table. (CSCuu01020)
the Fields row of the generated table does not include data. As a workaround, manually populate
data for the Fields row of the copied table. (CSCuu01020)
•
In some cases, the system experiences issues and the cloud continuously checks for an updated
download. (CSCuu04844)
download. (CSCuu04844)
•
The system displays the incorrect amount of memory usage on the Memory page (
Overview
>
Dashboards
>
Summary Dashboard
>
Status
>
System load
>
Memory
). As a workaround, view the correct
memory usage via the Memory Test option in the Memory Usage page (
Health
>
Health Monitor
).
(CSCuu19742)
•
In some cases, if you create and delete a custom user role or deactivate and reactivate a user role
several times, the system generates extraneous tabs in the web browser. (CSCuu31584)
several times, the system generates extraneous tabs in the web browser. (CSCuu31584)
•
In some cases, if you change your system's time zone to a zone east of UTC and add a correlation
rule with at least one inactive period to a correlation policy, policy apply fails. As a workaround,
delete the old correlation rule and temporarily set your time zone to UTC. Then recreate the
correlation rule with the inactive period and apply policy, then reset your time zone and reapply the
policy. (CSCuu37600)
rule with at least one inactive period to a correlation policy, policy apply fails. As a workaround,
delete the old correlation rule and temporarily set your time zone to UTC. Then recreate the
correlation rule with the inactive period and apply policy, then reset your time zone and reapply the
policy. (CSCuu37600)
•
The system does not include audit log entries for login attempts with
<script>alert(1)</script>
as the user name. (CSCuu39516, CSCuu39521)
•
In some cases, if your system accumulates large quantities of traffic for an extended period of time,
Snort may experience latency and you may experience a disruption in traffic. (CSCuu52545)
Snort may experience latency and you may experience a disruption in traffic. (CSCuu52545)
•
If you experience an error or a failure while updating an appliance from Version 5.3.1 to Version
5.3.1.4 or later, contact Support. (CSCuu54653)
5.3.1.4 or later, contact Support. (CSCuu54653)