Cisco Cisco FirePOWER Appliance 7125
Version 5.3.0.2
Sourcefire 3D System Release Notes
28
Issues Resolved in Version 5.3.0.2
•
The system now generates an error message when you attempt to install
an intrusion rule update while the system is already running an update of
the Sourcefire 3D System. (124290)
•
Resolved an issue where, in rare cases, the Defense Center did not back up
events onto remote storage. (124350)
•
Resolved an issue where, in some cases, the system displayed an
erroneous Please wait, loading... message. (124918)
•
Improved the performance of Nmap scans. (124999)
•
Resolved an issue where the system incompletely terminated failed
intrusion rule updates. (125368)
•
Resolved an issue where the system generated false positive alerts on the
SMTP preprocessor rules 124:1, 124:3, or 124:10. (125449)
•
Security
Resolved multiple packet display issues. (125531, 132258)
•
Improved the performance of sensitive data analysis. (125588, 126167)
•
Resolved an issue where the system ran an Nmap scan from a device even
if you used a remediation where Scan from reporting device was disabled.
(125608)
•
Resolved an issue where the system generated false positive alerts in
reassembly traffic if you enabled any of the auto-detect DCE/RPC
preprocessor options. (125737)
•
Resolved an issue where, after importing a new intrusion rule update, the
number of imported rules in an intrusion policy did not match the number of
rules in the import log. (125900)
•
Security Issue
Resolved an issue where the system granted incorrect access
privileges to users with limited user roles. (126016, 127428, 127779)
•
Resolved multiple synchronization issues on managed devices in clustered,
stacked, and clustered and stacked configurations. (126106, 128724)
•
Improved the stability of syslog alert responses when sending connection
events to the syslog. (127682)
•
Resolved an issue where the system generated events on intrusion rule
135:2 for incomplete (SYN-only) connections when you enabled the TCP
stream preprocessor option Require TCP 3-Way Handshake and you
configured the rate-based attack prevention preprocessor to limit excessive
simultaneous connections. (127803)
•
Resolved an issue where, if you configured a traffic profile and a correlation
rule to trigger on traffic spikes at or above two standard deviations, the
system did not generate a correlation event. (128107)
•
Resolved an issue where the system generated false positive alerts on
intrusion rule 1:24490. (128304)
•
Resolved a hardware issue where, in rare cases, the 3D8120, 3D8130,
3D8140, and 3D8250 experienced system issues and required a reboot.
(128689)