Cisco Cisco Firepower Management Center 4000 Release Notes
Version 5.3.0.6
Sourcefire 3D System Release Notes
26
Resolved Issues
•
Security Issue
Resolved an issue where the system granted incorrect access
privileges to users with limited user roles. (126016, 127428, 127779)
•
Resolved multiple synchronization issues on managed devices in clustered,
stacked, and clustered and stacked configurations. (126106, 128724)
•
Improved the stability of syslog alert responses when sending connection
events to the syslog. (127682)
•
Resolved an issue where the system generated events on intrusion rule
135:2 for incomplete (SYN-only) connections when you enabled the TCP
stream preprocessor option Require TCP 3-Way Handshake and you
configured the rate-based attack prevention preprocessor to limit excessive
simultaneous connections. (127803)
•
Resolved an issue where, if you configured a traffic profile and a correlation
rule to trigger on traffic spikes at or above two standard deviations, the
system did not generate a correlation event. (128107)
•
Resolved an issue where the system generated false positive alerts on
intrusion rule 1:24490. (128304)
•
Resolved a hardware issue where, in rare cases, the 3D8120, 3D8130,
3D8140, and 3D8250 experienced system issues and required a reboot.
(128689)
•
Resolved an issue where if you disabled user detection in LDAP traffic using
your network discovery policy, the Defense Center stopped logging User
Agent login data. (128741)
•
Resolved an issue where, in some cases, you could not perform on-demand
user data retrieval and download if you scheduled automatic LDAP user data
retrieval. (128962)
•
Security Issue
Resolved multiple XSS vulnerabilities in the object manager
and rule editor. (129052, 132023)
•
Resolved an issue where, in some cases, if you viewed reviewed intrusion
events and drilled down to the packet view, there were no visible events
and the reviewed constraint was removed. (129257)
•
Resolved an issue where, in some cases, the system incorrectly identified
SMTP traffic and generated a connection event with missing application
information if the SMTP server responded with a connection error. (130085)
•
Resolved an access control policy synchronization issue on Defense
Centers in a high availability configuration. (130475)
•
Resolved an issue where, in rare cases, the system generated critical health
alert emails containing indecipherable messages. (130518)
•
Resolved multiple display issues on the security zones page in the object
manager. (130569, 130631, 130632)
•
Resolved an issue where drilling down in a custom workflow redirected you
to the incorrect packet view page for an intrusion event. (130620)