Cisco Cisco FirePOWER Appliance 8130 Notas de publicación
Version 5.3.0.5
Sourcefire 3D System Release Notes
25
Resolved Issues
•
Security Issue
Eliminated a CSRF vulnerability (CVE-2014-2028) in the User
Management page that could allow an attacker to activate, deactivate, edit,
or delete user accounts. Special thanks to Liad Mizrachi Check Point
Security Research Team for reporting this issue. (136914)
•
Resolved an issue where the system provided incorrect speed data for fiber
interfaces with speeds of 4GB and faster. (137484)
•
Security Issue
Eliminated an XSS vulnerability (CVE-2014-2275) in the
Scheduling page, the Health Monitor page, and the event viewers that could
allow an attacker to access and disclose information, imitate user actions
and requests, or execute arbitrary JavaScript. Special thanks to Adi Volkovitz
Check Point Security Research Team for reporting this issue. (137850,
137853, 137856)
•
Resolved an issue where, after you disconnected and reconnected the fiber
interfaces on a Series 3 managed device, the system did not reestablish the
network connection. (138099)
Version 5.3
•
Improved the performance and stability of VPN. (116996, 119698, 123636)
•
Resolved an issue where modifying the device configuration on a clustered
stack and immediately applying the changes caused the apply to fail and the
system to display an error message in the task status queue. (121625)
•
Resolved an issue where, in some cases, installing a new intrusion rule
update caused custom intrusion rule classifications referenced by
correlation rules to revert to predefined classifications. (122163)
•
Resolved an issue where, in some cases, network discovery policies did not
function as expected if you applied two or more network discovery rules
constrained by the same zones and networks that were configured to
discover a different combination of hosts, users, and applications. (122853)
•
Resolved an issue where LDAP authentication could fail if the DNS entries
in your network environment for your LDAP server's hostname and IP
address did not match. (123447)
•
Resolved an issue where updates of the Sourcefire 3D System required
upwards of three hours on Series 3 appliances. (124148)
•
Resolved an issue where, in some cases, you could not edit a device group
if it contained an inactive managed device. (124286)
•
The system now generates an error message when you attempt to install
an intrusion rule update while the system is already running an update of
the Sourcefire 3D System. (124290)
•
Resolved an issue where, in rare cases, the Defense Center did not back up
events onto remote storage. (124350)
•
Resolved an issue where, in some cases, the system displayed an
erroneous Please wait, loading... message. (124918)
•
Improved the performance of Nmap scans. (124999)