Cisco Cisco FirePOWER Appliance 7020
Version 5.2.0.6
Sourcefire 3D System Release Notes
24
Issues Resolved in Version 5.2.0.6
•
Security Issue
https://na8.salesforce.com/articles/Informational/000002045
. (131040)
•
Security Issue
Resolved an issue where the Sourcefire 3D System web
server had the potential to execute system commands as root. Special
thanks to Detmar Liesen and Christian Rahmen at Information und Technik
Nordrhein-Westfalen (IT.NRW) for reporting this issue. (131737)
•
Security Issue
Eliminated a vulnerability that could allow an attacker to
execute Linux commands via the filter search field on the System Log page.
For more information, log in to the Customer Center and access the KB
(131738)
Version 5.2.0.2
•
Resolved an issue where, in some cases, if you configured passive
interfaces and assigned them to a passive security zone in the object
manager, the device configuration apply failed. (125119)
•
Resolved an issue where, in rare cases, the system did not provide URL
Category or URL Reputation values for unknown URLs. (125151)
•
Resolved a hardware issue where a virtual switch did not pass IPv6 traffic if
you did not configure IPv6 support on the connected hybrid interface.
(125306)
•
Resolved an issue where, in some cases, the system triggered false
positive intrusion events on the SMTP preprocessor rules 124:1 and 124:3.
(124688)
•
Resolved an issue where traffic matched an access control policy block rule
and the system evaluated it against the access control policy default action
and the system evaluated it against the access control policy default action
configured as an intrusion policy. (124732)
•
Resolved a synchronization issue where, in rare cases, clusters lost their
clustered status. (125497)
•
Resolved an issue where accessing the intrusion rule editor from the packet
view (Analysis > Intrusion > Events) caused the system to display an error
message and log the attempt as an unauthorized action. (125770)
•
Resolved an issue with the Sourcefire Data Correlator where complex
queries slowed the system’s ability to process new connection events.
(125754)
•
Updated Sourcefire documentation to reflect that when you reimage a
device with interfaces configured to fail open, they will revert to a
non-bypass (fail closed) configuration at first boot and remain closed until
you configure bypass mode for them. (125957)