CSCvo17612
|
Return error messages when failing to retrieve objects from
database
|
CSCvo54799
|
ssh to device fails due to corrupted devpts entry in fstab
|
CSCvq70838
|
Traceback in the output of tail-logs command
|
CSCvv82681
|
RTC unstable clock register read causes "watchdog: BUG: soft
lockup - CPU#0 stuck" error on console
|
CSCvw23514
|
Update FXOS troubleshooting documentation to provide details on
isolating potential SSD HW failures
|
CSCvw90399
|
FMC HA issues with too many open file descriptors for sfipproxy
UDP conn
|
CSCvx21458
|
FMC shows error when editing prefix-list attached to active
route-map within BGP protocol
|
CSCvx68173
|
Observed few snort instances stuck at 100%
|
CSCvx68586
|
Not able to login to UI/SSH on FMC, console login doesn't prompt
for password
|
CSCvx99172
|
M500IT Model Solid State Drives on 4100/9300 may go unresponsive
after 3.2 Years in service
|
CSCvy17030
|
FMC Connection Events page "Error: Unable to process this
query. Please contact support."
|
CSCvy38650
|
Unable to download captured file from FMC Captured files UI
|
CSCvy45048
|
Subsystem query parameter not filtering records for
"auditrecords" restapi
|
CSCvy95809
|
Crashinfo script is invoked on SFR running snort2 and device
fails to upgrade to 7.0
|
CSCvy99348
|
Shutdown command reboots instead of shutting the FP1k device
down.
|
CSCvz34289
|
In some cases transition to lightweight proxy doesn't work for Do
Not Decrypt flows
|
CSCvz40586
|
Incorrect error when creating two RA-VPN profiles with different
SAML servers that have the same IDP
|
CSCvz52785
|
Management interface flaps every 13mins post upgrade from 9.12 to
9.14.2.15
|
CSCvz68713
|
PLR license reservation for ASAv5 is requesting ASAv10
|
CSCvz69729
|
Unstable client processes may cause LINA zmqio traceback on
FTD
|
CSCvz90712
|
9.17/Rare 256 block leak/exhaustion, 1550 block
overallocation
|
CSCvz94217
|
App-instance startup version is ignored and set to
running-version after copy config
|
CSCwa08640
|
MonetDB crashing due to file size error
|
CSCwa16257
|
failover is getting failed in secondary FTD when the loopback
interface is configured
|
CSCwa38996
|
Big number of repetitive messages in snmpd.log leading to huge
log size
|
CSCwa48169
|
ASA/FTD traceback and reload on netsnmp_handler_check_cache
function
|
CSCwa52215
|
Uploading firmware triggers data port-channel to flap
|
CSCwa55404
|
Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass
and DoS Vulnerability
|
CSCwa55772
|
FPR 4100 saw an unexpected reload with reason "Reset
triggered due to HA policy of Reset"
|
CSCwa69303
|
ASA running on SSP platform generate critical error
"[FSM:FAILED]: sam:dme:MgmtIfSwMgmtOobIfConfig"
|
CSCwa72641
|
URL incorrectly extracted for TLS v1.2 self signed URLs when
"Early application detection" enabled
|
CSCwa76822
|
Tune throttling flow control on syslog-ng destinations
|
CSCwa77777
|
Adding more logs to watchdog infra
|
CSCwa82850
|
ASA Failover does not detect context mismatch before declaring
joining node as "Standby ready"
|
CSCwa85297
|
Multi-instance internal portchannel VLANs may be misprogrammed
causing traffic loss
|
CSCwa85492
|
URL lookup responding with two categories
|
CSCwa89347
|
Cannot add object to network group on FMC
|
CSCwa90735
|
FTD/FXOS - ASAconsole.log files fail to rotate causing excessive
disk space used in /ngfw
|
CSCwa94440
|
syncd process exits due to invalid GID and database
synchronization issue
|
CSCwa96920
|
ASA/FTD may traceback and reload in process Lina
|
CSCwa97423
|
Deployment rollback causes brief traffic drop due to order of
operations
|
CSCwa99171
|
Chassis and application sets the time to Jan 1, 2010 after
reboot
|
CSCwa99932
|
ASA/FTD stuck after crash and reboot
|
CSCwb00871
|
ENH: Reduce latency in log_handler_file to reduce watchdog under
scale or stress
|
CSCwb01633
|
FXOS misses logs to diagnose root cause of module show-tech file
generation failure
|
CSCwb01983
|
Cisco Firepower Management Center Cross-Site Scripting
Vulnerability
|
CSCwb01990
|
Cisco Firepower Management Center Cross-Site Scripting
Vulnerability
|
CSCwb02689
|
FXOS should check reference clock stratum instead of NTP server
local clock stratum
|
CSCwb03704
|
ASA/FTD datapath threads may run into deadlock and generate
traceback
|
CSCwb04000
|
ASA/FTD: DF bit is being set on packets routed into VTI
|
CSCwb04975
|
FTD Snort3 traceback in daq-pdts while handling FQDN based
traffic
|
CSCwb05148
|
Cisco ASA Software and FTD Software SNMP Denial of Service
Vulnerability
|
CSCwb06318
|
FTD - Unable to issue "configure manager edit" to FMC
entries in Pending state
|
CSCwb08393
|
SSL policy deploy failing when using special characters on SSL
rule names
|
CSCwb18602
|
crontab -e unable to find editor
|
CSCwb19664
|
Malware Block false positives triggered after upgrade to version
7.0.1
|
CSCwb20206
|
FTD: Logs and Debugs for SSL/TLS traffic drop due to NAP in
Detection Mode
|
CSCwb22359
|
Portmanager/LACP improvement to avoid false restarts and increase
of logging events
|
CSCwb25809
|
Single Pass - Traceback due to stale ifc
|
CSCwb27099
|
FXOS: Third-party interop between Ciena Waveserver with firepower
chassis.
|
CSCwb28123
|
FTD HA deployment fails with error "Deployment failed due to
major version change on device"
|
CSCwb31551
|
When inbound packet contains SGT header, FPR2100 cannot
distribute properly per 5 tuple
|
CSCwb32107
|
FMC shows limited interfaces in policy-based routing config
|
CSCwb34240
|
Log rotation failure of files process_stdout.out and
process_stderr.out - syslog-ng. High disk usage
|
CSCwb34970
|
External authentication with Radius server fail on a 2k
platform
|
CSCwb38406
|
GeoDB updates on multi-domain environment requires a manual
policy deployment
|
CSCwb38961
|
Bootstrap After Upgrade failed due to Duplicate Key of Network
Object
|
CSCwb39431
|
FTD unified logs do not print the log as per rfc5424 standard
|
CSCwb40662
|
ENH: FCM should include option for modifying the interface 'link
debounce time'
|
CSCwb41854
|
Cisco FTD Software and Cisco FXOS Software Command Injection
Vulnerability
|
CSCwb43629
|
License and rule counts telemetry data incorrectly generated for
HA managed devices
|
CSCwb44048
|
Event Rate on FMC Health Monitoring Dashboard shows extremely
high values
|
CSCwb46481
|
SNMPv3 not working after upgrade of FMC
|
CSCwb48166
|
FXOS upgrade to 2.11 is stuck
|
CSCwb51821
|
Disk usage errors on Firepower Azure device due to large backup
unified files under ngfw directory
|
CSCwb57213
|
FTD - Unable to resolve DNS when only diagnostic interface is
used for DNS lookups
|
CSCwb57524
|
FTD upgrade fails - not enough disk space from old FXOS bundles
in distributables partition
|
CSCwb57615
|
Configuring pbr access-list with line number failed.
|
CSCwb57988
|
The smConLogger traceback is caused by memory leak.
|
CSCwb58007
|
CVE-2022-28199: Evaluation for FTDv and ASAv
|
CSCwb58554
|
Resumed SSL sessions with uncached tickets may fail to
complete
|
CSCwb58817
|
FMC Deploying negative and positive form of BGP password command
across deployments
|
CSCwb59619
|
PM needs to restart the Disk Manager after creating ramdisk to
make DM aware of the ramdisk
|
CSCwb60993
|
FDM Need to block the deployment when a Security zone object is
not associated with an interface
|
CSCwb62059
|
Unable to login to FTD using external authentication after
upgrade
|
CSCwb65447
|
FTD: AAB cores are not complete and not decoding
|
CSCwb65718
|
FMC is stuck on loading SI objects page
|
CSCwb66382
|
ASAv - 9344 Block not created automatically after enabling
JumboFrames, breaks OSPF MD5
|
CSCwb66736
|
Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass
and DoS Vulnerability
|
CSCwb68993
|
FTD/FDM: SSL connections to sites using RSA certs with 3072 bit
keys may fail
|
CSCwb70030
|
MIO: No blade reboot during CATERR if fault severity is
non-Severe or CATERR sensor is different
|
CSCwb73678
|
/var/tmp partition fullness warning on FXOS
|
CSCwb74498
|
Cisco FXOS and NX-OS Software CDP DoS and Arbitrary Code
Execution Vulnerability
|
CSCwb78323
|
Update diskmanager to monitor cisco_uridb files in
/ngfw/var/sf/cloud_download folder.
|
CSCwb82796
|
ASA/FTD firewall may traceback and reload when tearing down IKE
tunnels
|
CSCwb83691
|
ASA/FTD traceback and reload due to the initiated capture from
FMC
|
CSCwb84677
|
FMC backup may fail due to monetdb backup failure with return
code 102
|
CSCwb85822
|
Deployment failing when collecting policies.
|
CSCwb86171
|
Breaking FMCv HA in AWS gives VTEP CONFIGURATION IS NOT SUPPORTED
FOR CURRENT PERFORMANCE TIER alert
|
CSCwb86339
|
ACP Network Validation Failure - Unable to parse ip - Can't call
method "binip" - Blank Space
|
CSCwb86565
|
FMC upgrade fails due Mismatch in number of entries between
/etc/passwd and /etc/shadow
|
CSCwb87762
|
Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass
and DoS Vulnerability
|
CSCwb88090
|
FXOS:after fxos config import new port-channel creation causing
existing port-channel flap
|
CSCwb88406
|
FMC-HA upgrade failure due to presence of this file
"update.status"
|
CSCwb89004
|
FMC DBcheck.pl hungs at "Checking
mysql.rna_flow_stats_template against the current
schema"
|
CSCwb89187
|
Flex Config allow - "timeout icmp-error hh:mm:ss"
|
CSCwb90074
|
ASA: Multiple Context Mixed Mode SFR Redirection Validation
|
CSCwb91598
|
copying FMC backup to remote storage will fail if FMC has never
connected via SSH/SCP to remote host
|
CSCwb92376
|
FMC syslog-ng daemon fails to start if log facility is set to
ALERT
|
CSCwb92583
|
upgrade with a large amount of unmonitored disk space used can
cause failed upgrade and hung device
|
CSCwb94170
|
merovingian.log file extremly big size can fill the disk
|
CSCwb95112
|
Intrusion Policy shows last modified by admin even though changes
are made by a different user
|
CSCwb95787
|
FPR1010 - No ARP on switchport VLAN interface after portmanager
DIED event
|
CSCwb96471
|
Semantic Search is enabled for IP address from 7.0
|
CSCwb99509
|
Cisco Firepower Threat Defense Software SIP and Snort 3 Denial of
Service Vulnerability
|
CSCwc00115
|
FTD registration fails on on-prem FMC
|
CSCwc02133
|
Cisco FTD Software and Cisco FXOS Software Command Injection
Vulnerability
|
CSCwc02416
|
Not re-subscribing to ISE topics after certain ISE connectivity
issues.
|
CSCwc03296
|
Upgrade fails when using DDNS Service with user and password
|
CSCwc03385
|
DOC: Changing admin password using expert mode passwd command not
supported
|
CSCwc05132
|
Unable to disable "Retrieve to Management Center
|
CSCwc05434
|
FMC shows 'File Not Stored' after download a file
|
CSCwc06833
|
Deployment failure with ERROR Process Manager failed to verify
LSP ICDB
|
CSCwc07015
|
snort3 crash due to NULL pointer in TLS Client Hello
Evaluation
|
CSCwc07431
|
FMC | Error generating configuration for policy "QoS /
Access Control Policy"
|
CSCwc08683
|
The interface's LED remains green blinking when the optical fiber
is unplugged on FPR1150
|
CSCwc10145
|
FTDv Cluster unit not re-joining cluster with error msg
"Failed to open NLP SSL listening socket"
|
CSCwc12652
|
Control-Plane ACL Non-Functional After Upgrade to 9.18(1) or
7.2.0-82 Firepower
|
CSCwc13017
|
FTD/ASA traceback and reload at at ../inspect/proxy.h:439
|
CSCwc13382
|
DCERPC traffic is dropped after upgrade to snort3 due to Parent
flow is closed
|
CSCwc18218
|
Database files on disk grow larger than expected for some
frequently updated tables
|
CSCwc18668
|
Failed user login on FMC does not record entry in audit log when
using external authentication
|
CSCwc18953
|
Deployment failure after migration of sub-interface
|
CSCwc19124
|
FMC Deployment does not start for cluster devices
|
CSCwc20153
|
IPv6 ICMP configuration is added and removed during policy
deployment
|
CSCwc22170
|
Hmdeamon not starting after disk full reported
|
CSCwc24582
|
Update diskmanager to monitor deploy directories in
/ngfw/var/cisco/deploy/db
|
CSCwc25275
|
AC Policy UI: Cannot search rules while the rules are loading
|
CSCwc26406
|
FMC: Slowness in Device management page
|
CSCwc27236
|
FMC Health Monitoring JSON error
|
CSCwc27424
|
Unable to removed not used SAL On-Premise FMC configuration
|
CSCwc27846
|
Observing Crash in QP(multicontext)-99.18(28)9 while HA sync
after upgrading and reloading.
|
CSCwc28660
|
Snort3: NFSv3 mount may fail for traffic through FTD
|
CSCwc28806
|
ASA Traceback and Reload on process name Lina
|
CSCwc29591
|
Retrospective file disposition updates fail due to incorrect
eventsecond values in fileevent tables
|
CSCwc29888
|
Monet DB stops processing connections due to failure in
allocating virtual memory
|
CSCwc30487
|
High unmanaged disk usage on Firepower 2110 device
|
CSCwc31163
|
FPR1010 upgrade failed - Error running script
200_pre/100_get_snort_from_dc.pl
|
CSCwc31457
|
ASA process with cleartext token when not able to encrypt it
|
CSCwc33076
|
JOBS_TABLE not getting purged due to foreign Key constraint
violation in policy_diff_main
|
CSCwc33323
|
FMC 7.0 - Receiving alert "health monitor process: no events
received yet" for multiple devices
|
CSCwc34818
|
The device is unregistered when Rest API calls script.
|
CSCwc35181
|
OSPF template adds "default-information-originate" to
area <area-id> nssa statement on hitting OK.
|
CSCwc35969
|
cannot add IP from event to global lists (block or do-not-block)
if similar IP is already on list
|
CSCwc37061
|
SNMP: FMC doesn't reply to OID 1.3.6.1.2.1.25.3.3.1.2
|
CSCwc38361
|
Cisco FXOS Software Command Injection Vulnerability
|
CSCwc38500
|
FMC: Extended ACL object should support mixed protocols on
different entries
|
CSCwc39525
|
FMC HA status alert "degraded - maintenance" seen
periodically after upgrade to 7.0.2
|
CSCwc40263
|
Error running script 000_start/099_check_legacy_amp_port.pl due
to json decode failure
|
CSCwc40322
|
Onboarding on-prem FMC to CDO using SecureX fails due to User
Authentication Failed error
|
CSCwc40352
|
Lina Netflow sending permited events to Stealthwatch but they are
block by snort afterwards
|
CSCwc40850
|
FMC authentication with SecureX Orchestration fails
|
CSCwc41592
|
False positives for Ultrasurf
|
CSCwc41661
|
FTD Multiple log files with zero byte size.
|
CSCwc41728
|
FMC - Cannot Edit Standard ACL with error regarding "Only
Host objects allowed"
|
CSCwc42561
|
Deploy page listing takes 1.5 to 2 mins with 462 HA device
|
CSCwc44289
|
FTD - Traceback and reload when performing IPv4 <>
IPv6 NAT translations
|
CSCwc44608
|
Selective deployment of IPS may cause outage due to incorrectly
written FTD configuration files
|
CSCwc48375
|
Inbound IPSEC SA stuck inactive - many inbound SPIs for one
outbound SPI in "show crypto ipsec sa"
|
CSCwc48853
|
SFDataCorrelator Discovery Event bottleneck can cause Connection
Event delay and backlog
|
CSCwc49369
|
When searching IPv6 rule in the access-control policy, no result
will show
|
CSCwc49952
|
Selective deploy enables interaction with SRU
interdependent-policies due to FMC API timeout
|
CSCwc50098
|
show ssl-policy-config does not show the policy when countries
are being used in source/dest network
|
CSCwc50846
|
FTD Upgrade Fail - Readiness Check Successful, but Readiness
status never shown
|
CSCwc50887
|
FTD - Traceback and reload on NAT IPv4<>IPv6 for
UDP flow redirected over CCL link
|
CSCwc50891
|
MPLS tagging removed by FTD
|
CSCwc54901
|
Scheduled tasks may not run on active FMC in HA after switchover
or split-brain resolution
|
CSCwc56003
|
Trigger FTD backup with remote storage option enabled along with
retrieval to FMC fails
|
CSCwc56048
|
AD username with trailing space causes download of users/groups
to fail
|
CSCwc57575
|
FMC: Scheduled backups working fine, but FMC email alerts
displaying it failed.
|
CSCwc59953
|
Snort3 crash with TLS 1.3
|
CSCwc60263
|
Identity Realm - Active Directory and FMC need to be as close as
possible for best download times
|
CSCwc61106
|
Unable to configure domain\username under cfg-export-policy in
FXOS
|
CSCwc62144
|
FMC does not use proxy with authentication when accessing AMP
cloud services
|
CSCwc62384
|
Vulnerabilities on Cisco FTD Captive Portal on TCP port 885
|
CSCwc64333
|
FMC GUI timeout and issues with loading http page due to exceeded
http connections
|
CSCwc65907
|
snort3 hangs in Crash handler which can lead to extended outage
time during a snort crash
|
CSCwc66671
|
FMC ACP PDF report generared in blank/0 bytes using UI
|
CSCwc67687
|
ASA HA failover triggers HTTP server restart failure and ASDM
outage
|
CSCwc68543
|
mismatch in the config pushed from FMC and running config on
FTD
|
CSCwc69583
|
Portchannel configured from FDM breaks "Use the Data
Interfaces as the Gateway" for Mgmt interface
|
CSCwc69992
|
Essentials licenses are not assigned to the device and Edit
licenses also not working
|
CSCwc70962
|
FTD/ASA "Write Standby" enables ECDSA ciphers causing
AC SSLv3 handshake failure
|
CSCwc73209
|
DOC:The default keying is only used by FCM on FXOS.
|
CSCwc76658
|
SFDataCorrelator fails to start after <7.1 to
>=7.1.0 upgrade due to compliance.rules
"session_both"
|
CSCwc77519
|
FPR1120-ASA:Primary takes active role after reloading
|
CSCwc77680
|
ASA/FTD may traceback and reload in Thread Name
'DATAPATH-0-4948'
|
CSCwc77892
|
CGroups errors in ASA syslog after startup
|
CSCwc79682
|
FMC 7.1+ allows ECMP FlexConfig depoyment
|
CSCwc80234
|
"inspect snmp" config difference between active and
standby
|
CSCwc80357
|
[Deploy Performance] degrade in deployment page on FMC
|
CSCwc81727
|
Default Domain in VPN group policy objects cannot be deleted
|
CSCwc88583
|
Deployment fails with error Invalid Snort3IntrusionPolicy mode.
Supports only inline and inline-test
|
CSCwc88897
|
ASA traceback and reload due to null pointer in Umbrella after
modifying DNS inspection policy
|
CSCwc90091
|
ASA 9.12(4)47 with user-statistics, will affects the
"policy-server xxxx global" visibility.
|
CSCwc95731
|
Policy applied to devices are not displayed in policy page of CDO
FMC
|
CSCwc98997
|
FMC - Deployment blocked when ECMP route configured via same
interface
|
CSCwc99053
|
FDM: "failover replication http" command may disappear
from FTD running config
|
CSCwc99242
|
ISA3000 LACP channel member SFP port suspended after reload
|
CSCwd00778
|
ifAdminStatus output is abnormal via snmp polling
|
CSCwd03113
|
FMC local backup fails cause of "Update Task: Database
integrity check failed" - Syslog server issue
|
CSCwd03793
|
FTD Traceback and reload
|
CSCwd05443
|
Config-dispatcher to fail the deployment immediately when
download fails, instead of failing later
|
CSCwd05756
|
FTD traceback on Lina due to syslog component.
|
CSCwd07059
|
multiple snort3 crashes after upgrading FTD from 7.2.0 to
7.2.0.1
|
CSCwd08430
|
Create a resiliency configuration option for SFTunnel to support
HA and FTD connectivity
|
CSCwd09093
|
Access rule policy page takes longer time to load
|
CSCwd09341
|
Multiple log files have zero bytes on the FMC
|
CSCwd11165
|
"Move" option is greyed out on Backup-Restore in
FMC
|
CSCwd12334
|
Deployment fails with Config Error -- proxy paired
|
CSCwd12724
|
interfaces.conf may be empty after FDM policy deployment after
FTDv tier change
|
CSCwd13917
|
during download from file event on FMC, high CPU use on FMC for
20 minutes before download fails
|
CSCwd17037
|
SFDataCorrelator RNA-Stop action should not block when database
operations are hung
|
CSCwd22349
|
ASA: Unable to connect AnyConnect Cert based Auth with
"periodic-authentication certificate" enabled
|
CSCwd24639
|
Functional: FMCv patch upgrade is fails
|
CSCwd30977
|
FMC deleted some access-rules due to an incorrect delta generated
during the policy deployment.
|
CSCwd31960
|
Management access over VPN not working when custom NAT is
configured
|
CSCwd39039
|
FMC - Error message "The server response was not understood.
Please contact support." on UI
|
CSCwd40260
|
Serviceability Enhancement - Unable to parse payload are silently
drop by ASA/FTD
|
CSCwd50131
|
Upgrades are not cleaning up mysql files leading to alert for
'High unmanaged disk usage on /ngfw'
|
CSCwd51757
|
Unable to get polling results using snmp GET for connection rate
OID’s
|
CSCwd56431
|
Disable asserts in FTD production builds
|