Cisco Firepower Management Center 4000 Release Notes

Version 5.3.0.2
Sourcefire 3D System Release Notes
Issues Resolved in Version 5.3.0.2
Security Issue: Eliminated an XSS vulnerability (CVE-2014-2012) in the
intrusion rule editor pages that could allow an attacker to access and
disclose information, imitate user actions and requests, or execute arbitrary
JavaScript. Special thanks to Liad Mizrachi of the Check Point Security
Research Team for reporting this issue. (136542)
Security Issue: Eliminated a cross-site request forgery (CSRF) vulnerability
(CVE-2014-2011) in the User Configuration page that could allow an attacker
to add or edit user accounts. Special thanks to Liad Mizrachi of the Check
Point Security Research Team for reporting this issue. (136911)
Security Issue: Eliminated a CSRF vulnerability (CVE-2014-2028) in the User
Management page that could allow an attacker to activate, deactivate, edit,
or delete user accounts. Special thanks to Liad Mizrachi of the Check Point
Security Research Team for reporting this issue. (136914)
Resolved an issue where the system provided incorrect speed data for fiber 
interfaces with speeds of 4GB and faster. (137484)
Security Issue: Eliminated an XSS vulnerability (CVE-2014-2275) in the
Scheduling page, the Health Monitor page, and the event viewers that could
allow an attacker to access and disclose information, imitate user actions
and requests, or execute arbitrary JavaScript. Special thanks to Adi Volkovitz
of the Check Point Security Research Team for reporting this issue. (137850,
137853, 137856)
Resolved an issue where, after you disconnected and reconnected the fiber 
interfaces on a Series 3 managed device, the system did not reestablish the 
network connection. (138099)
Version 5.3
Improved the performance and stability of VPN. (116996, 119698, 123636)
Resolved an issue where modifying the device configuration on a clustered 
stack and immediately applying the changes caused the apply to fail and the 
system to display an error message in the task status queue. (121625)
Resolved an issue where, in some cases, installing a new intrusion rule 
update caused custom intrusion rule classifications referenced by 
correlation rules to revert to predefined classifications. (122163)
Resolved an issue where, in some cases, network discovery policies did not 
function as expected if you applied two or more network discovery rules 
constrained by the same zones and networks that were configured to 
discover a different combination of hosts, users, and applications. (122853)
Resolved an issue where LDAP authentication could fail if the DNS entries 
in your network environment for your LDAP server's hostname and IP 
address did not match. (123447)
Resolved an issue where updates of the Sourcefire 3D System required 
upwards of three hours on Series 3 appliances. (124148)
Resolved an issue where, in some cases, you could not edit a device group 
if it contained an inactive managed device. (124286)