Cisco Firepower Management Center 4000 Release Notes

Version 5.3.0.5
Sourcefire 3D System Release Notes
Known Issues
If you disable Drop When Inline in your intrusion policy, inline normalization 
stops modifying packets seen in traffic and the system does not indicate 
what traffic would be modified. In some cases, other devices or applications 
on your network may not function in the same way after you re-enable Drop 
When Inline. (13917/CSCze911494, 139177/CSCze91163)
Security Issue: Sourcefire is aware of a vulnerability inherent in the Intelligent 
Platform Management Interface (IPMI) standard (CVE-2013-4786). Enabling 
Lights-Out Management (LOM) on an appliance exposes this vulnerability. 
To prevent exposure to the vulnerability, do not enable LOM. To mitigate the 
vulnerability, deploy your appliances on a secure management network 
accessible only to trusted users and use a complex, non-dictionary-based 
password. If you enable LOM and expose this vulnerability, change the 
complex password every three months. For LOM password requirements, 
see the Sourcefire 3D System User Guide. (139286/CSCze91556, 140954)
In rare cases, the Task Status page (System > Monitoring > Task Status) 
incorrectly reports that a failed system policy apply succeeded. 
(139428/CSCze92142)
In some cases, the system does not enforce the maximum transmission 
unit (MTU) setting on Series 2 or virtual devices. (139620/CSCze91705)
If you configure and save three or more intrusion policies that reference 
each other through their base policies, the system does not update the Last 
Modified dates for all policies on the Intrusion Policy page (Policies > Intrusion 
> Intrusion Policy). As a workaround, wait 5-10 minutes and refresh the 
Intrusion Policy page. (139647/CSCze91353)
In some cases, if you configure and save a report with a time window that 
includes the transition day from observing Daylight Saving Time (DST) to not 
observing DST, the system adjusts the time window to begin an hour earlier 
than you specified. As a workaround, set the time window to begin one 
hour later. (139713/CSCze91697)
If you remove an IP address from the global whitelist via the Object 
Manager page of the Defense Center web interface, the command line 
interface (CLI) on your Defense Center does not reflect the change. 
(139784/CSCze91728)
The system does not prevent an externally authenticated user from 
modifying the LDAP password via the User Preferences page. If an 
externally authenticated user does this, the user becomes an internally 
authenticated user. (140143/CSCze91938)
You can only import an HTTPS certificate once. Modifying or re-importing a 
server certificate fails. (140283/CSCze92162)
Although you cannot enable bypass mode for clustered devices, the option 
still appears in the web interface. (140604/CSCze92047)
If you create a report in bar graph report form that shows data organized by 
day, only a maximum of 10 days can appear in the graph. As a workaround, 
create multiple reports in 10-day increments. (140833/CSCze92405)