Cisco Cisco Firepower Management Center 2000
17
FireSIGHT System Release Notes
Version 5.3.1.6
Resolved Issues
The uninstallation process begins. You can monitor the uninstallation progress in the task queue (
System
> Monitoring > Task Status
).
Caution
Do not use the web interface to perform any other tasks until the uninstallation has completed and the
Defense Center reboots. Before the uninstallation completes, the web interface may become unavailable
and the Defense Center may log you out. This is expected behavior; log in again to view the task queue.
If the uninstallation is still running, do not use the web interface until the uninstallation has completed.
If you encounter issues with the uninstallation (for example, if the task queue indicates that the update
has failed or if a manual refresh of the task queue shows no progress for several minutes), do not restart
the uninstallation. Instead, contact Support.
Defense Center reboots. Before the uninstallation completes, the web interface may become unavailable
and the Defense Center may log you out. This is expected behavior; log in again to view the task queue.
If the uninstallation is still running, do not use the web interface until the uninstallation has completed.
If you encounter issues with the uninstallation (for example, if the task queue indicates that the update
has failed or if a manual refresh of the task queue shows no progress for several minutes), do not restart
the uninstallation. Instead, contact Support.
Step 7
After the uninstallation finishes, clear your browser cache and force a reload of the browser. Otherwise,
the user interface may exhibit unexpected behavior.
the user interface may exhibit unexpected behavior.
Step 8
Log in to the Defense Center.
Step 9
Select
Help > About
and confirm that the software version is listed correctly: Version 5.3.1.
Step 10
Verify that the appliances in your deployment are successfully communicating and that there are no
issues reported by the health monitor.
issues reported by the health monitor.
Resolved Issues
You can track defects resolved in this release using the Cisco Bug Search Tool
(
(
https://tools.cisco.com/bugsearch/
). A Cisco account is required. The following sections list the issues
resolved in the Version 5.3.1.6 update.
Issues Resolved in Version 5.3.1.6:
•
Security Issue
Addressed multiple vulnerabilities in SSLv3 that allowed external attacks on client
connections, as described in CVE-2014-8275 and CVE-2015-0204.
•
Security Issue
Addressed multiple vulnerability issues in Linux, NTP, and other third parties, as
described in CVE-2011-2699, CVE-2011-4131, CVE-2012-3400, CVE-2013-1944,
CVE-22013-4545, CVE-22013-21944, and CVE-22014-29296.
CVE-22013-4545, CVE-22013-21944, and CVE-22014-29296.
•
Security Issue
Addressed an arbitrary script injection vulnerability allowing unauthenticated,
remote attackers to exploit GNU C library DNS resolution functionality, as described in
CVE-2013-7423.
CVE-2013-7423.
•
Resolved an issue where managed devices stopped processing traffic when the Defense Center
updated a large security intelligence feed referenced in an access control policy during a policy
apply. (CSCus19921)
updated a large security intelligence feed referenced in an access control policy during a policy
apply. (CSCus19921)
•
Resolved an issue where running the
sudo ips_profile
shell command on a device running at least
Version 5.3 that is registered to a Defense Center running at least Version 5.4 caused the rule profiled
script to fail. (CSCuu02211)
script to fail. (CSCuu02211)
•
Resolved an issue where the Cisco cloud continuously checked for an updated download and caused
system issues. (CSCuu04844)
system issues. (CSCuu04844)
•
Resolved an issue where, if you applied an access control policy set to
Block
as the default actions
to an ASA FirePOWER device, the system incorrectly reverted the policy's default action to
Reset
instead of
Block
. (CSCuu60713)