Cisco Firepower Management Center 2000 Release Notes
FireSIGHT System Release Notes
Resolved Issues
When an applied access control policy with a rule set has all source IPv4 addresses, the system evaluates traffic with
an IPv6 source address as if source addresses were not set in the rules. When an applied access control policy with
a rule set has all source IPv6 addresses, the system evaluates traffic with an IPv4 source address as if source
addresses were not set in the rules. When an applied access control policy with a rule set has all destination IPv4
addresses, the system evaluates traffic with an IPv6 destination address as if destination addresses were not set in
the rules. When an applied access control policy with a rule set has all destination IPv6 addresses, the system
evaluates traffic with an IPv4 destination address as if destination addresses were not set in the rules. (CSCut48596)
Resolved an issue where, in some cases, the system only processed and passed a portion of the network traffic.
(CSCut53335)
Issues Resolved in Previous Versions
Previously resolved issues are listed by version.
Issues resolved in Version 5.4.1:
Security Issue
Addressed multiple vulnerabilities in SSLv3 that allowed external attacks on client connections. The
fix addresses CVE-2014-3566.
Security Issue
Addressed an arbitrary script injection vulnerability allowing unauthenticated, remote attackers to
execute commands via Bash. The fix addresses CVE-2014-6271 and CVE-2014-7169.
Security Issue
Resolved an unauthorized vulnerability in Universal Unique Identifier (UUID) manipulation.
Security Issue
Resolved cross-site scripting (XSS) vulnerabilities in the host attribute.
Security Issue
Resolved an HTML injection vulnerability.
Improved the speed of reloading Snort configurations during access control policy apply. (112070/CSCze87966,
CSCur19687)
Resolved an issue where, if you created an SSL policy with the Session Not Cached option set to Do Not Decrypt
or Block and SSL session reuse enabled, the system displayed uncached session errors in the SSL Status column
of the Connection Events table view when the session refreshed. (143335/CSCze93608).
Resolved an issue where the system did not display data for the Network Analysis Policy column of the Intrusion
Events table view and the Connection Events table view if you registered a device running Version 5.3.X to a Defense
Center running Version 5.4. (143349/CSCze94484)
Resolved an issue where the system failed to recover if you attempted to reboot your clustered Series 3 devices after
the devices went to maintenance mode and experienced a power failure. (143504/CSCze94928)
Updated the FireSIGHT System User Guide to reflect that applying an access control policy may cause a short pause
in traffic flow and processing. (143514/CSCze94971)
Access control policies now have logging capabilities for Log at Beginning and End of Connection, Log at End of
Connection, and No Logging at Connection. (143507/CSCze94975)
Resolved an issue where, if the system generated file events, the system incorrectly truncated file event filenames
containing colons on several pages of the web interface. (143666/CSCze94954)
Resolved an issue where, if you disabled an access control rule containing either an intrusion policy or a variable set
that was different from any enabled access control rules, policy apply failed and the system experienced issues.
(143871/CSCze94114, 144635/CSCze95200)
Improved diskmanager cleanup during report generation. (143933/CSCze94240, 143934/CSCze94286)
Resolved an issue where multiple IP addresses were incorrectly displayed for a single host profile.
(144259/CSCze94623)