CSCuz25599
|
Firepower Threat Defense CLI command system support run-rule-profiling exits prematurely
|
CSCuz44985
|
Erroneous syslog messages cause excessive upgrade times/failures
|
CSCva42408
|
Ev AnalysisUI: Domain column disappears after switching to Secondary Firepower Management Center
|
CSCvb01438
|
Syslog deployment fails
|
CSCvb81481
|
No Input/Output packet for Port-channel in Firepower Threat Defense 4100
|
CSCvc09017
|
Show Nat flows on Firepower 7000/8000 series devices displays incorrect data
|
CSCvc21275
|
Internal error on editing the NAT policy after import
|
CSCvc55027
|
context explorer slow to load due to db deadlocks in rna_client_app_payload
|
CSCvc92854
|
Firepower Management Center does not detect changes if they are configured via FlexConfig.
|
CSCvd34694
|
Enabling SSL Decryption blocks legitimate traffic
|
CSCvd93621
|
Unable to edit performance settings in advanced section of Access Control policy
|
CSCve31387
|
No CPU alert on 8000 Series, when snort is overwhelmed.
|
CSCve31938
|
Changes Made to Objects Referenced Only by FlexConfig not Recognized for Deployment
|
CSCve34640
|
SSL policy causing inspection engine (snort) processes stop unexpectedly
|
CSCve55973
|
configure ssh-access-list command does not work 6.2.x
|
CSCve58826
|
Issues with multiple pending UserEnforcementSnapshot tasks
|
CSCve70416
|
SSL policy with Decrypt-Resign action does not decrypt traffic with ECDSA certificates
|
CSCve71562
|
Implement a mechanism to track the status between ISE pxgrid and Management Center pairs
|
CSCve74524
|
User Agent does not properly report group names with special characters in the name
|
CSCve82410
|
Port Scan does not block scans
|
CSCve85996
|
Deployment timeouts after 30 minutes due to expand of ACE during deployment
|
CSCve86182
|
Reserved Characters in access control/ Prefilter policy rule name may fail Threat Defense Deployment
|
CSCve88096
|
File Events may incorrectly show Device Not Activated for capacity handled files
|
CSCve91343
|
Firepower Threat Defense: With CC mode enabled, NGFWv IPSec performance degraded 10-20%
|
CSCve96463
|
False positives for TCP Session Hijacking in routed deployments
|
CSCve97046
|
threat_name table prune cannot keep up with insertion
|
CSCve97395
|
Syslog and SNMP do not work for Prefilter Policy on Firepower Threat Defense
|
CSCvf10088
|
Migration fails when access-list contains vxlan port
|
CSCvf13106
|
EIGRP system defined template for every time deployment is not working
|
CSCvf20259
|
ids_event_alerter output is missing attribute names on Firepower Threat Defense devices
|
CSCvf20753
|
Changing text object is not making flex object dirty to be deploy
|
CSCvf22930
|
Firepower 9300 running ASA 9.7.1.10 Threat Defense high availability traceback in Datapath
|
CSCvf23425
|
SSL handshake error and timeout occurs when HTTPS traffic is passed through GRE tunnel
|
CSCvf25415
|
Spaces in IP range in Access Control Policy can cause deploy to fail
|
CSCvf26676
|
With SSL inspection, Snort can terminate unexpected in SideChannel
|
CSCvf27435
|
SSL Monitor - Event matches wrong access control rule
|
CSCvf36492
|
Management Center high availability configuration is not always reflected correctly on sensors
|
CSCvf36796
|
Flood of captive portal messages
|
CSCvf40650
|
Certificates not synced to Standby/All certificates cleared on Standby post deployment failure
|
CSCvf41773
|
Threshold configuration files have old unneeded policies
|
CSCvf44801
|
Intrusion rule with multiple negations can be trigger false positives
|
CSCvf47736
|
TCP connection not reset on when SSL rule action action set to block with reset
|
CSCvf48889
|
Memory leak in ActionQueueScrape.pl can cause stacked Firepower devices to hang
|
CSCvf52889
|
Delay of end of connection events for SSL traffic
|
CSCvf58260
|
Categories missing from security intelligence events
|
CSCvf59214
|
User sessions without email might cause database issues
|
CSCvf63022
|
Application is not being identified for RTP stream
|
CSCvf63871
|
Inspection engine CPU usage high if SSL policy or captive portal are enabled
|
CSCvf64730
|
Incorrect upper limit for Intrusion Event Database records on Management Center virtual.
|
CSCvf64831
|
Firepower Management Center reports incorrect IPv6 addresses and ports
|
CSCvf67573
|
Errors during interface creation/deletion and config save
|
CSCvf69012
|
Unassigning Flexconfig object that has MPF config removes service-policy and pmap but not class-map
|
CSCvf70092
|
Resource Leak in SFTop10Cacher leads to deadlock
|
CSCvf70381
|
Malware embedded in an archive may not get blocked
|
CSCvf72930
|
Firepowe Threat Defense may traceback in Thread Name appAgent_monitor_nd_thread during registration
|
CSCvf73976
|
Increase the timeout for interface messages in ASAConfig.pl
|
CSCvf74790
|
OGS and TCM commands are negated by Firepower Management Center during policy deployment
|
CSCvf76566
|
S4000-K9 // Cannot add object to the network group (Firepower Management Center 682412623)
|
CSCvf77469
|
Packet loss during Server Hello when SSL policy verdict is Do Not Decrypt causes failures
|
CSCvf78924
|
Maximum Transmission Unit (MTU) setting ignored on managed devices, leading to dropped packets
|
CSCvf83436
|
Management Center Cannot add route-lookup keyword when using any as destination interface object
|
CSCvf86487
|
Intelligent Application Bypass drop percentage does not work as expected
|
CSCvf87538
|
Syslog ID is reset to 111111 when editing syslog settings
|
CSCvf90350
|
Firepower Management Center policy deploy fails on using banner values without line breaks
|
CSCvf91209
|
SI transaction on sensor should use the same directory for staging
|
CSCvf92782
|
PAT pool fails to be enabled on Japanese GUI
|
CSCvf93232
|
User can access URLs without active authentication if traffic is not decrypted
|
CSCvf95108
|
Action_queue tables not pruning successful/failure tasks
|
CSCvf95494
|
Routes are not applied on a 7000/8000 series devices in Cluster
|
CSCvf96656
|
After creating an access control rule with app filters via REST API, cannot access policy from UI
|
CSCvf97107
|
Retransmit delay when first packet lost with Decrypt-Resign or Do Not Decrypt SSL policy action
|
CSCvg04071
|
changing the system hostname in Management Center UI causes Device registration failure on 6.2.2
|
CSCvg04361
|
With SafeSearch on, user cannot access some websites using AES-CBC ciphers
|
CSCvg06695
|
Firepower 2100 Threat Defense pair reporting failed status due to Detect service module failure
|
CSCvg07052
|
RealID+TempID in Sybase makes SFDataCorrelator incorrectly assign TempID to new logins
|
CSCvg08988
|
Access Control Rule is not created in snort if source zone and destination zone are the same
|
CSCvg17478
|
Traceback with Show OSPF Database Commands
|
CSCvg21478
|
User/Group Downloads fail with non-ascii characters in included/excluded groups
|
CSCvg22873
|
Threat Defense Virtual: Azure, waagent.log file grows without bounds and needs to rotate
|
CSCvg23287
|
nfm_exceptiond exited unexpectedly is_allocator FATAL m_mutex->tryLock error
|
CSCvg23401
|
Firepower Management Center is not displaying VPN configuration.
|
CSCvg25287
|
Add mysql-server.err file to logrotate.d in Firepower Threat Defense
|
CSCvg25358
|
Set oom-killer priorities
|
CSCvg25694
|
Assert Traceback, thread name : cli_xml_server
|
CSCvg28321
|
Improve user group lookup handling by broadcasting info to all snort instances
|
CSCvg32885
|
Unable to edit or Deployment missing some of the access control rules after upgraded to 6.2.0.3
|
CSCvg34306
|
ENH - The memcap for Security Intelligence URL feeds needs to be increased.
|
CSCvg35384
|
snort crash deleteSessionByKey found when access control policy edited and malware traffic is sent
|
CSCvg42347
|
6.2.0.3 upgrade failed on standby 4140 at script 800_post/755_reapply_sensor_policy.pl
|
CSCvg42478
|
SFDaco can sometimes fail to respond to For Policy changes discovered during realm sync
|
CSCvg43193
|
Unable to change OSPF md5 key
|
CSCvg47955
|
CloudAgent segfault on Firepower Threat Defense
|
CSCvg52296
|
Threat Defense 5506 does not send a block page for URL filtering when using BVI switched interfaces
|
CSCvg53208
|
Application protocol field missing in connection events
|
CSCvg54460
|
[SFR onbox] ADI.conf removed on policy deployment
|
CSCvg55040
|
Health monitoring for 7000/8000 series devices does not set bypass rules on recovery
|
CSCvg55713
|
Search Rules field clears when moved to next page.
|
CSCvg56106
|
DHCP relay agents configured not visible on GUI
|
CSCvg56681
|
Upgrade framework scripts incorrectly delete rc symlinks
|
CSCvg56985
|
If Management Center backup dies in the middle, events are not received on the Management Center
|
CSCvg58754
|
Policy Deployment hangs on Threat Defense 6.2.1+ when cluster message and ack comes out of order
|
CSCvg60323
|
D/R HTTPS connections fail in browsers that enforce OCSP must staple
|
CSCvg64722
|
Firepower Threat Defense in high availability mode in Active-Failed state
|
CSCvg65044
|
When network packets are transmitted out-of-order, some SSL sessions may not be established
|
CSCvg66697
|
segfault in ssl_handshake::sig_hash
|
CSCvg66706
|
SFDataCorrelator deadlock core due to slow User Identity event processing
|
CSCvg66844
|
Excessive log messages found no record for Realm and excessive database queries
|
CSCvg67206
|
Traffic loss and pdts_daq_dext_process nse interface intialization has not occurred errors
|
CSCvg71777
|
Access control rules deleted/added back in every alternate deploy when VXLAN port UDP:4789 is used
|
CSCvg72472
|
user/group download timeout on slow network link - timeout needs to be increased
|
CSCvg75447
|
Duplicate User Group Names across AD/Realm causes the user download to fail
|
CSCvg76542
|
Correlation rule for connection Reason is not should fire when event has no Reason
|
CSCvg84474
|
Space in port range for an access control policy rule causes error that prevents rule editing
|
CSCvg92679
|
Use active authentication if passive or VPN identity cannot be established check gets disabled
|
CSCvg94742
|
Force Break from Management for Firepower Threat Defense devices fails to break pair
|
CSCvg96525
|
SFDataCorrelator deadlock during whitelist host evaluation
|
CSCvg97874
|
FireAMP Cloud events are not available for eStreamer clients
|
CSCvg99382
|
Restore backup that was created on remote storage and transferred locally has a problem
|
CSCvh01083
|
NAT rules with route-lookup option are exported with different original and translated object names
|
CSCvh07446
|
On 7000/8000 devices, many IPs in a single access control rule will match rule incorrectly
|
CSCvh12075
|
Firepower Threat Defense devices in high availability might go into reboot loop one after the other
|
CSCvh12510
|
system support identity-debug
|
CSCvh18106
|
Firepower Management Center- Flexconfig-Removal of EIGRP Authentication every time during deployment
|
CSCvh21873
|
SFDataCorrelator on Firepower Management Center repeatedly crashes for corrupt user login event
|
CSCvh58373
|
FlexConfig MPF configuration does not deploy all Access-Lists and not redeploying all Class-Maps
|
CSCvh77330
|
DOC: Incorrect path for an upgrade to 6.2.2.X
|
CSCvh91577
|
IDSEventAlerter:config [ERROR] Unrecognized keyword: ssl_policy_UUID
|