Cisco Cisco Firepower Management Center 2000 Notas de publicación
23
FireSIGHT System Release Notes
Resolved Issues
Security Issue
Addressed a vulnerability that allowed an authenticated user can access system files using path
traversal as described in CVE-2015-7851.
Improved inspection of traffic tagged by Cisco Identity Service Engine (ISE). (143060/CSCze94478)
Resolved an issue where the memory usage health monitor erroneously generated false positives.
(144593/CSCze94840)
(144593/CSCze94840)
Resolved an issue where, if you created an intrusion rule with the source IP set to !$HOME_NET and added the
intrusion rule to an intrusion policy, then changed the rule state to Drop and Generate Events, the system does not
allow you to save the intrusion policy. (CSCur53155)
intrusion rule to an intrusion policy, then changed the rule state to Drop and Generate Events, the system does not
allow you to save the intrusion policy. (CSCur53155)
Resolved an issue where the show traffic-statistics CLI command did not display data for the second interface of
an inline pair on a virtual device. (CSCur59771)
an inline pair on a virtual device. (CSCur59771)
Resolved an issue where the system generated excessive and extraneous logs in the system log (syslog).
(CSCur75622)
(CSCur75622)
Resolved an issue where, if you changed the selected time zone in the Time Zone Preference tab on the User
Preferences page, the system did not reflect daylight savings time. (CSCur92028)
Preferences page, the system did not reflect daylight savings time. (CSCur92028)
Resolved an issue where the system included both raw HTTP packets and reassembled packets in event counts.
(CSCus68893)
(CSCus68893)
Resolved an issue where, if you applied an access control rule containing a network object or group that had been
previously deleted from a primary or active Defense Center in a high availability configuration, the secondary or
passive system did not recognize the network object or group as deleted and experienced issues. (CSCut54187)
previously deleted from a primary or active Defense Center in a high availability configuration, the secondary or
passive system did not recognize the network object or group as deleted and experienced issues. (CSCut54187)
Resolved an issue where, if you applied a NAT policy to a pair of clustered devices, policy apply on the secondary
device failed and the system separated the cluster. (CSCut98774)
device failed and the system separated the cluster. (CSCut98774)
Resolved an issue where, if you created an access control policy with a URL category condition and the system
loaded a partial database, the system experienced issues. (CSCuu06714)
loaded a partial database, the system experienced issues. (CSCuu06714)
Resolved an issue where a SSH session did not time out when it should. (CSCuu21037)
Resolved an issue where, in some cases, creating traffic profiles generated multiple errors. (CSCuu22704)
Resolved an issue where, if you enabled at least two management interfaces and your system lost connectivity to
one of the interfaces, the system defaulted to an incorrect gateway IP address and you could not access the
interface. (CSCuu44020)
one of the interfaces, the system defaulted to an incorrect gateway IP address and you could not access the
interface. (CSCuu44020)
Improved eStreamer performance. (CSCuu94902)
Syslog messages now populate information for the following fields: HTTP Referrer, User Agent, and Referenced
Host. (CSCus18179)
Host. (CSCus18179)
The system only supports one normal IP address for virtual router interfaces on clustered Series 3 devices.
(CSCut58601)
(CSCut58601)
Improved health alert notifications for failed malware cloud lookups. (CSCut77594)
Resolved an issue where, if the system experienced two sequential system failures, the system fell into bypass mode
even if you configured non-bypass mode. (CSCut80892)
even if you configured non-bypass mode. (CSCut80892)
Resolved an issue where using the show managers CLI command on a device registered to a system with multiple
interfaces configured caused the system to display the incorrect IP address. (CSCut95947)
interfaces configured caused the system to display the incorrect IP address. (CSCut95947)
Resolved an issue where, if you created a file policy configured to Inspect Archives, the network map experienced
issues and the system stopped processing traffic. (CSCuu14892)
issues and the system stopped processing traffic. (CSCuu14892)