Cisco Cisco Firepower Management Center 2000 Notas de publicación

23

FireSIGHT System Release Notes

Resolved Issues



Addressed a vulnerability that allowed an authenticated user can access system files using path 

traversal as described in CVE-2015-7851.



Improved inspection of traffic tagged by Cisco Identity Service Engine (ISE). (143060/CSCze94478)



Resolved an issue where the memory usage health monitor erroneously generated false positives. 
(144593/CSCze94840)



Resolved an issue where, if you created an intrusion rule with the source IP set to !$HOME_NET and added the 
intrusion rule to an intrusion policy, then changed the rule state to Drop and Generate Events, the system does not 
allow you to save the intrusion policy. (CSCur53155)



Resolved an issue where the show traffic-statistics CLI command did not display data for the second interface of 
an inline pair on a virtual device. (CSCur59771)



Resolved an issue where the system generated excessive and extraneous logs in the system log (syslog). 
(CSCur75622)



Resolved an issue where, if you changed the selected time zone in the Time Zone Preference tab on the User 
Preferences page, the system did not reflect daylight savings time. (CSCur92028)



Resolved an issue where the system included both raw HTTP packets and reassembled packets in event counts. 
(CSCus68893)



Resolved an issue where, if you applied an access control rule containing a network object or group that had been 
previously deleted from a primary or active Defense Center in a high availability configuration, the secondary or 
passive system did not recognize the network object or group as deleted and experienced issues. (CSCut54187)



Resolved an issue where, if you applied a NAT policy to a pair of clustered devices, policy apply on the secondary 
device failed and the system separated the cluster. (CSCut98774)



Resolved an issue where, if you created an access control policy with a URL category condition and the system 
loaded a partial database, the system experienced issues. (CSCuu06714)



Resolved an issue where a SSH session did not time out when it should. (CSCuu21037)



Resolved an issue where, in some cases, creating traffic profiles generated multiple errors. (CSCuu22704)



Resolved an issue where, if you enabled at least two management interfaces and your system lost connectivity to 
one of the interfaces, the system defaulted to an incorrect gateway IP address and you could not access the 
interface. (CSCuu44020)



Improved eStreamer performance. (CSCuu94902)



Syslog messages now populate information for the following fields: HTTP Referrer, User Agent, and Referenced 
Host. (CSCus18179)



The system only supports one normal IP address for virtual router interfaces on clustered Series 3 devices. 
(CSCut58601)



Improved health alert notifications for failed malware cloud lookups. (CSCut77594)



Resolved an issue where, if the system experienced two sequential system failures, the system fell into bypass mode 
even if you configured non-bypass mode. (CSCut80892)



Resolved an issue where using the show managers CLI command on a device registered to a system with multiple 
interfaces configured caused the system to display the incorrect IP address. (CSCut95947)



Resolved an issue where, if you created a file policy configured to Inspect Archives, the network map experienced 
issues and the system stopped processing traffic. (CSCuu14892)