Cisco Cisco Web Security Appliance S390

85383

CSCzv21238

Although support for Secure Sockets Layer (SSL) version 2 was removed from AsyncOS, client 
to proxy communication still allowed for SSL version 2. Client to proxy requests using SSL 
version 2 now fail, which is the expected behavior. This is fixed.

85085

CSCzv56404

The Status command was reporting incorrect system resource values. This is fixed.

84195

CSCzv73908

Transaction requests were sometimes resulting in HTTP 503 errors due to DNS caching 
problems. This is fixed. 

83666

CSCzv68184

With Safe Search enabled, for URLs that included a question mark (?) in the first position after 
the domain name, for example, "example.com/?abc", transaction requests were resulting in an 
HTTP 404 error message. This is fixed. 

83479

CSCzv78744

When the disk reported a high temperature, AsyncOS was sending out frequent, redundant 
alerts. This is fixed.

82946

CSCzv27807

Non-UTF-8 characters in transaction header fields were resulting in unnecessary UTF-8 errors 
on the appliance. This is fixed. 

82857

CSCzv85035

External authentication failed with a Juniper SBR RADIUS server when RADIUS users were 
mapped to different Web Security appliance user role types using a RADIUS CLASS attribute. 
This is fixed. 

82809

CSCzv44630

Host Header spoofing in HTTP and HTTPS Requests was not prevented. Now, there is a CLI 
option in 

adminaccessconfig

 to allow only hostnames/IP addresses of existing interfaces. This 

allows restricting specific machines to a specific domain name. By default, this option is 
disabled. 

82780

CSCzv58956

Expired certificates were sometimes not detected by the appliance due to the order in which 
AsyncOS checked for errors and different actions assigned to different types of errors. AsyncOS 
now checks for all errors and applies the most restrictive action that applies.

82662

CSCzv27661

SNMP erroneously returned appliance information from the previous version of AsyncOS after 
upgrading. This is fixed. 

82415

CSCzv95909

Large Objects were taking too long to load in some cases when the client made a universal range 
request. This is fixed.

81661

CSCzv78679

On Appliances using WebRoot scanning, requests for web pages that included javascript were 
sometimes taking too long. This is fixed.

81156

CSCzv95258

Attempting to navigate from Web Security Manager to the Outbound Malware Scanning page 
was, in rare cases, producing an application fault. This is fixed. 

81055

CSCzv50828

Processing client requests sometimes took too long after updating new anti-malware rules.This 
is fixed.

77935

CSCzv40418

The Dynamic Content Analysis engine was erroneously overwriting the effective category used 
in policy decisions for new requests. This is fixed.

76250

CSCzv13897

Requires change to the user guide -- the new mask functionality. Network>Transparent 
Redirection> WCCP> Service > Advanced > Load Balancing.

73467

CSCzv63552

Rebooting the appliance without proper shutdown sometimes caused irreparable damage to the 
appliance. This is fixed.

71012

CSCzv42816

Previously, clients could not connect to HTTPS servers that did not support TLS Hello during 
the SSL handshake. This is fixed.