First Published: December 3, 2025

Introduction to Cisco Secure Workload, Release 4.0.2.5

This document describes the features, bug fixes, and behavior changes, if any, for the Cisco Secure Workload software patch Release 4.0.2.5. This patch is associated with Cisco Secure Workload software major Release 4.0.1.1. For more information, see Cisco Secure Workload Release Notes, Release 4.0.1.1.


Note

Agents upgrade to this version will fail, unless cluster and agents are running at least 3.10.6.3 version.

Release Information

Release Version: 4.0.2.5

Published Date: December 03, 2025

Resolved and Open Issues

The resolved and open issues for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about issues and vulnerabilities in this product and other Cisco hardware and software products.


Note

You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, register for an account.

For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQs.

Resolved Issues

Identifier

Headline
CSCwr89903 Memory limiting on Windows TetSen.exe process may not work
CSCwr89957 TetSen.exe consumes too much memory
CSCws07592 Excessive Lag in Flow Analyitcs Pipeline can cause HDFS to enter SafeMode
CSCws12498 Agent installer script fails on Debian/Ubuntu in 4.0.1.1

CSCws12561

CSW: Delayed Policy Push for Short-Lived Pods

CSCws20720 Disk Usage critical on longevity

Open Issues

Identifier

Headline
CSCwf43558 Services failures after upgrade with orchestrator dns name not resolvable.
CSCwh45794 ADM port and pid mapping is missing for some ports.
CSCwk80972 CollectorSSLCheck and collector services failing
CSCwm30965 Increased DNS Queries to metadata.google.internal from On-Prem Cluster Going to External DNS Server
CSCwm40398 Multiple packages have been flagged with CVE 2022-1471 in RHEL8.9 system
CSCwm80745 Cisco Vulnerabilities Workloads Multiple selections across pages does not work in the UI
CSCwn15340 Failure in applying manual threat intelligence updates
CSCwn61888 RHEL OS CVEs Inconsistencies report.
CSCwn73226 User uploaded SSL certs for UI are not honored during upgrade
CSCwn75424 Azure agentless enforcement out-of-band change not being detected
CSCwn86124 Windows Agent - Missed Packets graph not being populated
CSCwn90706 Vulnerabilities page shows a backend service error
CSCwn99675 Installation of threat intelligence datasets rpms is failing
CSCwo11089 Customers would see temporary spikes in escaped flows when running policy analysis.
CSCwo53910 Commissioning of replaced baremetals is failing on postinstall playbook
CSCwo66813 Upgrade failing with VMMGR_CREATE_VMS_FAILURE
CSCwp15933 AI Policy Discovery feature under certain workspace the process fails to complete throws an exception
CSCwp28822 Incorrect workload license usage
CSCwp36145 Quick Policy Analysis for Analysed flows provides incorrect policy mapping
CSCwp46016 Global Visulaization dashboard does not display results on using filters
CSCwp67461 ENH: Add Minimum Supported TLS Version (1.2) in CSW SaaS User Guide and Implement OpenSSL Version Pre-Check in Agent Installation Script
CSCwp95305 Windows Enforcement Agent Does Not Support Multiple Executables Per ANY Policy Rule
CSCwp97029 CSW 3.9.1.x : False positive scenario of flow rejection for permitted policies
CSCwq00489 Enforcement not pushed to FMC access control policies
CSCwq02029 Ingest or virtual appliance remaining in pending registration state
CSCwq19946 At times, Quick Policy Analysis fails to provide outcome

CSCwq20873

Intermittent incomplete results using Quick Hypothetical Flow Analysis

CSCwr97565

 ACI In line documentation points to the wrong location

CSCws02884

PDF Download and PDF send in Reporting page is slow

Contact Cisco Technical Assistance Center

If you cannot resolve an issue using the online resources listed above, contact Cisco TAC: