Cisco Cisco Firepower Management Center 2000 Notas de publicación
19
FireSIGHT System Release Notes
Version 5.3.1.3
Resolved Issues
•
Improved SFDataCorrelator capabilities. (CSCut23688)
•
Resolved an issue where the system ignored source network access control rule conditions when
processing traffic. (CSCut23929)
processing traffic. (CSCut23929)
•
Troubleshooting generated by a failure now includes IPv6 information. (CSCut48083)
Because you can update your appliances from Version 5.3.1 to Version 5.3.1.3, this update also includes
the changes in all updates from Version 5.3.1.3 through Version 5.3.1. Previously resolved issues are
listed by version.
the changes in all updates from Version 5.3.1.3 through Version 5.3.1. Previously resolved issues are
listed by version.
Issues Resolved in Version 5.3.1.1:
•
Security Issue
Addressed multiple cross-site scripting (XSS) vulnerabilities.
•
Security Issue
Addressed multiple cross-site request forgery (CSRF) vulnerabilities.
•
Security Issue
Addressed multiple HTML injection vulnerabilities.
•
Security Issue
Addressed multiple Denial of Service (DoS) vulnerabilities as described in
CVE-2014-0196, and CVE-2014-3153.
•
Resolved an issue where, if you added a group of stacked devices targeted by the current access
control policy to your Defense Center and reapplied the policy, the system incorrectly displayed the
list of managed devices on the Device Management page and prevented you from editing the listed
devices. (140710/CSCze92390)
control policy to your Defense Center and reapplied the policy, the system incorrectly displayed the
list of managed devices on the Device Management page and prevented you from editing the listed
devices. (140710/CSCze92390)
•
Resolved an issue where applying a single health policy to 100 or more managed devices caused
system issues. (140977/CSCze92388)
system issues. (140977/CSCze92388)
•
Resolved an issue where, if you registered an ASA FirePOWERdevice to a pair of Defense Centers
in a high availability configuration, the secondary Defense Center did not display the CSM Single
Sign-On tab on the User Management page (
in a high availability configuration, the secondary Defense Center did not display the CSM Single
Sign-On tab on the User Management page (
System > Local > User Management
).
(141150/CSCze92615)
•
Resolved an issue where syslog alerts contained incorrect intrusion rule classification data when
sent as intrusion event notifications. (141213/CSCze92467, 141216/CSCze92474,
141220/CSCze92639)
sent as intrusion event notifications. (141213/CSCze92467, 141216/CSCze92474,
141220/CSCze92639)
•
Resolved an issue where adaptive profiles failed to take effect if you used a network variable such
as
as
$HOME_NET
as the value for Networks settings. (141225/CSCze92611)
•
Resolved an issue where, if you created a configuration-only backup, the backup file included
extraneous discovery event data. (141246/CSCze92508)
extraneous discovery event data. (141246/CSCze92508)
•
Resolved an issue where, if you created a saved search that used a VLAN tag object, the system
saved the search with the value
saved the search with the value
0
in the field where you used the VLAN tag object instead.
(141330/CSCze92734)
•
Resolved an issue where, if you created a custom workflow with a large number of pages, the time
window obscured the link the to the final pages of the workflow. (141336/CSCze92873)
window obscured the link the to the final pages of the workflow. (141336/CSCze92873)
•
Resolved an issue where, in rare cases, the system did not generate a health alert when reapplying
device configuration failed. (141625/CSCze93130, 141628/CSCze93009)
device configuration failed. (141625/CSCze93130, 141628/CSCze93009)
•
Resolved an issue where, one or more unresponsive detection resources on a managed device after
installing an update of the vulnerability database (VDB) caused system issues.
(141758CSCze93100)
installing an update of the vulnerability database (VDB) caused system issues.
(141758CSCze93100)
•
Resolved an issue where, in rare cases, the system triggered an alert on the first data packet of a TCP
session from a server in which the egress interface would not be recorded. (141817/CSCze93047)
session from a server in which the egress interface would not be recorded. (141817/CSCze93047)
•
Resolved an issue where, in rare cases, applying multiple access control policies caused system
issues and high unmanaged disk usage health alerts. (141830/CSCze92990)
issues and high unmanaged disk usage health alerts. (141830/CSCze92990)
•
Resolved a third-party vulnerability in OpenSSL to address CVE-2-014-0224.
(141901/CSCze93310)
(141901/CSCze93310)