Cisco Cisco Firepower Management Center 2000 Notas de publicación
18
FireSIGHT System Release Notes
Version 5.3.1.7
Resolved Issues
Issues resolved in Version 5.3.1.6:
•
Security Issue
Addressed multiple vulnerabilities in SSLv3 that allowed external attacks on client
connections, as described in CVE-2014-8275 and CVE-2015-0204.
•
Security Issue
Addressed multiple vulnerability issues in Linux, NTP, and other third parties, as
described in CVE-2011-2699, CVE-2011-4131, CVE-2012-3400, CVE-2013-1944,
CVE-22013-4545, CVE-22013-21944, and CVE-22014-29296.
CVE-22013-4545, CVE-22013-21944, and CVE-22014-29296.
•
Security Issue
Addressed an arbitrary script injection vulnerability allowing unauthenticated,
remote attackers to exploit GNU C library DNS resolution functionality, as described in
CVE-2013-7423.
CVE-2013-7423.
•
Resolved an issue where managed devices stopped processing traffic when the Defense Center
updated a large security intelligence feed referenced in an access control policy during a policy
apply. (CSCus19921)
updated a large security intelligence feed referenced in an access control policy during a policy
apply. (CSCus19921)
•
Resolved an issue where running the
sudo ips_profile
shell command on a device running at least
Version 5.3 that is registered to a Defense Center running at least Version 5.4 caused the rule profiled
script to fail. (CSCuu02211)
script to fail. (CSCuu02211)
•
Resolved an issue where the Cisco cloud continuously checked for an updated download and caused
system issues. (CSCuu04844)
system issues. (CSCuu04844)
•
Resolved an issue where, if you applied an access control policy set to
Block
as the default actions
to an ASA FirePOWER device, the system incorrectly reverted the policy's default action to
Reset
instead of
Block
. (CSCuu60713)
•
Resolved an issue where the system did not properly encode an edit to a newly added comment to
an access control policy rule. (CSCus83065)
an access control policy rule. (CSCus83065)
•
Resolved an issue where the system did not generate a list of vendors in the vendor drop-down menu
if you create a product map set and
if you create a product map set and
Add Fix Map
. (CSCuu79373)
•
Resolved an issue where the
Send email
check box on Reporting page did not stay selected if you
generated a report, navigated away from the Report Templates tab, and then generated another
report. (CSCuu97750)
report. (CSCuu97750)
•
Resolved an issue where the Product Licensing dashboard widget did not list any URL Filtering
licenses even if URL Filtering licenses were present. (CSCuu97762)
licenses even if URL Filtering licenses were present. (CSCuu97762)
•
Resolved an issue where the License page incorrectly listed licenses under the wrong devices if you
added more than one license to a 3D8250 device and one license to another Series 3 device.
(CSCuu99789)
added more than one license to a 3D8250 device and one license to another Series 3 device.
(CSCuu99789)
Issues Resolved in Version 5.3.1.5:
•
Security Issue
Addressed a vulnerability in HTTP connection handling that allowed users to be
redirected to malicious websites, as described in CVE-2015-0706.
•
Security Issue
Addressed multiple vulnerability issues in Linux and other third parties, as described
in CVE-2011-1927, CVE-2012-2744. and CVE-2015-1781.
•
Security Issue
Addressed a cross-site scripting (XSS) vulnerability, as described in
CVE-2015-0707.