Cisco Cisco Firepower Management Center 2000
Firepower System Release Notes
Resolved Issues
29
Step 8
Select Configuration > ASA FirePOWER Configuration > System Information and confirm that the
software version is listed correctly: Version 6.0.
software version is listed correctly: Version 6.0.
For more information, see the Cisco ASA with FirePOWER Services Local Management Configuration Guide,
Version 6.0.
Version 6.0.
Resolved Issues
You can view defects resolved in this release using the Cisco Bug Search Tool
(
(
https://tools.cisco.com/bugsearch/
). A Cisco account is required.
The following issues are resolved in Version 6.0.1.1:
Security Issue
Addressed a Cisco Firepower System software static credential vulnerability, as described in
CVE-2016-1394.
Improved the reliability of intrusion performance reporting. (CSCuv35007)
Resolved an issue where a Series 3 device in high availability environment configured with a virtual switch as
an endpoint dropped communication if the high availability pair experienced a fail-over and the secondary
device became the primary device. (CSCux11121)
an endpoint dropped communication if the high availability pair experienced a fail-over and the secondary
device became the primary device. (CSCux11121)
Resolved an issue where, if you configured Cisco Redundancy Protocol (SFRP) via an IPv6 address on a
Series 3 high availability pair with routed or hybrid interfaces, and the system experienced a fail-over, the
system incorrectly handled sessions shared between the high availability pair members. (CSCux73498)
Series 3 high availability pair with routed or hybrid interfaces, and the system experienced a fail-over, the
system incorrectly handled sessions shared between the high availability pair members. (CSCux73498)
Resolved an issue where deployment failed if you unregistered an ASA Firepower module from a Firepower
Management Center and switched the device to an ASA FirePOWER device managed by ASDM, then
attempted to save the access control policy containing web application conditions. (CSCux80311)
Management Center and switched the device to an ASA FirePOWER device managed by ASDM, then
attempted to save the access control policy containing web application conditions. (CSCux80311)
Improved the general stability of deploying access control policies. (CSCux91984)
Resolved an issue where, if you create an access control rule containing the Uncategorized URL category in
the Category tab, the rule matched against any URL condition rather than the configured Uncategorized URL
category. (CSCux94309)
the Category tab, the rule matched against any URL condition rather than the configured Uncategorized URL
category. (CSCux94309)
Resolved an issue where, if you created an access control policy on a system running Version 6.0. or earlier
and updated the system to Version 6.0.1 or later, then edited the access control policy, the system did not
save the modifications. (CSCuy04151)
and updated the system to Version 6.0.1 or later, then edited the access control policy, the system did not
save the modifications. (CSCuy04151)
Improved general tunnel decoding in routed environments. (CSCuy15661)
Resolved an issue where, if you deployed an SSL policy with the action set to Block or Block with reset to a
Cisco ASA with FirePOWER Services device (ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X,ASA
5555-X, ASA 5585-X-SSP-10, ASA 5585-X-SSP-20, ASA 5585-X-SSP-40, or ASA 5585-X-SSP-60),
traffic matching the SSL rule caused system issues. (CSCuy31908)
Cisco ASA with FirePOWER Services device (ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X,ASA
5555-X, ASA 5585-X-SSP-10, ASA 5585-X-SSP-20, ASA 5585-X-SSP-40, or ASA 5585-X-SSP-60),
traffic matching the SSL rule caused system issues. (CSCuy31908)
Resolved a rare issue where, if you enabled Inspect HTTP Responses as a server-level http normalization
option, the system did not detect files containing 16,000 or more non-printable characters. (CSCuy43267,
CSCuy43369)
option, the system did not detect files containing 16,000 or more non-printable characters. (CSCuy43267,
CSCuy43369)
Improved the ability to add additional network interfaces to an NGIPSv device. (CSCuy45603)
Improved general stability when deploying configuration. (CSCuy52294)
Improved the stability of event processing while deleting a domain. (CSCuy60808)
Resolved an issue where the system did not consistently block traffic that were SPDY-enabled. (CSCuy65157)
Improved general performance of network mapping. (CSCuy83259)
Resolved an issue where the configuration options for Firepower Management Center high availability
appeared in the Integration page of the user interface even though high availability is not supported for
Firepower Management Centers. (CSCuy96369)
appeared in the Integration page of the user interface even though high availability is not supported for
Firepower Management Centers. (CSCuy96369)