Cisco Cisco Firepower Management Center 4000 Release Notes
Version 5.3.0.5
Sourcefire 3D System Release Notes
35
Known Issues
•
In some cases, the Password Lifetime column on the User Management
page (Operations > User Management) may display a negative value if a user’s
password has expired. (140839/CSCze92338)
•
If you disable an access control rule that invokes an intrusion policy, then
reapply your access control policy, the system incorrectly indicates that the
appliances’ intrusion policy is out of date. As a workaround, delete access
control rules that use intrusion policies instead of disabling those rules.
(141044/CSCze92012)
•
You cannot delete vulnerabilities from the third-party vulnerabilities table
(Analysis > Vulnerabilities > Third-Party Vulnerabilities). (141103/CSCze92621)
•
Files that are intentionally not stored by the system (such as files seen for
the first time, or files outside the size limit) incorrectly appear with a File
Storage value of
Failed
. (141196/CSCze92629, 141505/CSCze92908)
•
The system-provided saved search Public Addresses Only incorrectly includes
the private 172.x.x.x IP address range. (141285/CSCze92654)
•
When you update your appliances to a new software version, the update
overwrites any changes you made to default dashboard pages. As a
workaround, perform a system backup before updating, then restore the
backup. (141363/CSCze92812)
•
Reports do not resolve DNS names for IP addresses, even if you have
configured them to do so. (141393/CSCze92797)
•
When you configure a device inline between a host and a web server, block
the web server by URL in your access control policy, enable the
Cisco-provided block response page, then attempt to access the web server
from the host, a session timeout may result if the open connection limit of
the server’s operating system is reached. (141440/CSCze92753)
•
In some cases, excessive saved revisions to the intrusion policy may cause
system performance issues. (141501/CSCze92792, 141754/CSCze92960)
•
On 3D9900 devices, passive interfaces not in security zones do not
generate intrusion or connection events. As a workaround, create and
specify a security zone for all passive interfaces on this device model.
(141663/CSCze93022)
•
When you edit a saved search, the previously configured name of the
search does not appear in the Name field; the field is empty.
(142060/CSCze93463)
•
When the system sends a file for sandbox analysis and the cloud does not
respond within 50 minutes, the file’s status still appears as Sent for Analysis
instead of indicating that analysis has timed out. (142309/CSCze93757)
•
When you are using two Defense Centers in a high availability configuration,
you cannot generate troubleshooting reports for a Defense Center from the
web interface of its high availability peer. You must generate
troubleshooting reports directly from the Defense Center you need the
reports for. (142645/CSCze93908)