Cisco Cisco Firepower Management Center 2000 Notas de publicación
24
FireSIGHT System Release Notes
Resolved Issues
Issues resolved in Version 5.4.1:
Security Issue
Addressed multiple vulnerabilities in SSLv3 that allowed external attacks on client connections. The
fix addresses CVE-2014-3566.
Security Issue
Addressed an arbitrary script injection vulnerability allowing unauthenticated, remote attackers to
execute commands via Bash. The fix addresses CVE-2014-6271 and CVE-2014-7169.
Security Issue
Resolved an unauthorized vulnerability in Universal Unique Identifier (UUID) manipulation.
Security Issue
Resolved cross-site scripting (XSS) vulnerabilities in the host attribute.
Security Issue
Resolved an HTML injection vulnerability.
Improved the speed of reloading Snort configurations during access control policy apply. (112070/CSCze87966,
CSCur19687)
CSCur19687)
Resolved an issue where, if you created an SSL policy with the Session Not Cached option set to Do Not Decrypt
or Block and SSL session reuse enabled, the system displayed uncached session errors in the SSL Status column
of the Connection Events table view when the session refreshed. (143335/CSCze93608).
or Block and SSL session reuse enabled, the system displayed uncached session errors in the SSL Status column
of the Connection Events table view when the session refreshed. (143335/CSCze93608).
Resolved an issue where the system did not display data for the Network Analysis Policy column of the Intrusion
Events table view and the Connection Events table view if you registered a device running Version 5.3.X to a Defense
Center running Version 5.4. (143349/CSCze94484)
Events table view and the Connection Events table view if you registered a device running Version 5.3.X to a Defense
Center running Version 5.4. (143349/CSCze94484)
Resolved an issue where the system failed to recover if you attempted to reboot your clustered Series 3 devices after
the devices went to maintenance mode and experienced a power failure. (143504/CSCze94928)
the devices went to maintenance mode and experienced a power failure. (143504/CSCze94928)
Updated the FireSIGHT System User Guide to reflect that applying an access control policy may cause a short pause
in traffic flow and processing. (143514/CSCze94971)
in traffic flow and processing. (143514/CSCze94971)
Access control policies now have logging capabilities for Log at Beginning and End of Connection, Log at End of
Connection, and No Logging at Connection. (143507/CSCze94975)
Connection, and No Logging at Connection. (143507/CSCze94975)
Resolved an issue where, if the system generated file events, the system incorrectly truncated file event filenames
containing colons on several pages of the web interface. (143666/CSCze94954)
containing colons on several pages of the web interface. (143666/CSCze94954)
Resolved an issue where, if you disabled an access control rule containing either an intrusion policy or a variable set
that was different from any enabled access control rules, policy apply failed and the system experienced issues.
(143871/CSCze94114, 144635/CSCze95200)
that was different from any enabled access control rules, policy apply failed and the system experienced issues.
(143871/CSCze94114, 144635/CSCze95200)
Improved diskmanager cleanup during report generation. (143933/CSCze94240, 143934/CSCze94286)
Resolved an issue where multiple IP addresses were incorrectly displayed for a single host profile.
(144259/CSCze94623)
(144259/CSCze94623)
Resolved an issue where decrypted SSL sessions displayed URLs in connection logs as http:// instead of https://.
(144485/CSCze95739)
(144485/CSCze95739)
Resolved an issue where, if you created a custom network variable named identically to a default variable but with
different capitalization, the system incorrectly assumed the custom variable and the default variable were the same
and prevented you from deleting the custom variable. (144488/CSCze95591, 144544/CSCze95599)
different capitalization, the system incorrectly assumed the custom variable and the default variable were the same
and prevented you from deleting the custom variable. (144488/CSCze95591, 144544/CSCze95599)
Resolved an issue where, if you enabled your Defense Center or managed device’s eth1 for DHCP, the system
incorrectly saved the configuration with DHCP enabled for both eth0 and eth1. (144525/CSCze95666)
incorrectly saved the configuration with DHCP enabled for both eth0 and eth1. (144525/CSCze95666)
Resolved an issue where, if you applied an access control policy with archive file types enabled on a device running
a vulnerability database (VDB) older than Version 211, policy apply failed. (144533/CSCze95570)
a vulnerability database (VDB) older than Version 211, policy apply failed. (144533/CSCze95570)
Resolved an issue where the system treated DNS traffic as OpenVPN, QQ, and Viber traffic. (144548/CSCze95536)
Resolved an issue where rule or packet latency thresholding timers could not be disabled. (144555/CSCze95704)