CSCve24102

GUI should allow max 256 addresses per DHCP pool

CSCvh73096

Read sAMAccountUserName from ISE when it is available

CSCvk26612

"default Keyring's certificate is invalid, reason: expired" health alert

CSCvk43854

Cisco Firepower Threat Defense Detection Engine Policy Bypass Vulnerability

CSCvm40288

Port-Channel issues on HA link

CSCvm48451

Intrusion Event Performance Graphs load blank on 4100 and 9300

CSCvm68648

review of CVE-2016-8858 (OpenSSH) on Firepower software

CSCvm76266

Lina traceback in Thread Name: cli_xml_server

CSCvm82966

Linux Kernel 4.14 Vulnerabilities

CSCvn24594

add NTPDATE update of blade sysclock from the supervisor before starting NTPD

CSCvn77388

SDI - SUSPENDED servers cause 15sec delay in the completion of a authentication with a good server

CSCvn81898

Device name doesn't exist in a syslog message if syslog alerting for connection events is configured

CSCvn83385

Cisco FTD, FMC, and FXOS Software PAM Denial of Service Vulnerability

CSCvo11280

ASA Enhancement: Generate syslog message once member of the SDI cluster changes state

CSCvo14961

ASA may traceback and reload while waiting for "dns_cache_timer" process to finish.

CSCvo28118

Traceback in VPN Clustering HA timer thread when member tries to join the cluster

CSCvo29989

Cisco FirePower Threat Defense Information Disclosure Vulnerability

CSCvo43795

OSPF Process ID doesnot change even after clearing OSPF process

CSCvo66546

Firepower frequent traceback and restart on SFDataCorrelator process

CSCvo68448

ASA report SFR module as 'Unresponsive' after reloading ASA module on 5585 platform

CSCvo73250

ENH: ACE details for warning "found duplicate element"

CSCvo74397

ENH: Add process information to "Command Ignored, configuration in progress..."

CSCvo83169

Cisco ASA Software and FTD Software FTP Inspection Denial of Service Vulnerability

CSCvo86038

Simultaneous FINs on flow-offloaded flows lead to stale conns

CSCvo86940

PROMPTING FOR PASSWORD WHEN TRYING TO CONFIGURE enic, vfio-pci , igb_uio ON BLADE

CSCvo90998

LACPDUs should not be sent to snort for inline-set interfaces

CSCvp04186

cts import-pac tftp: syntax does not work

CSCvp12582

Option to display port number on access-list instead of well known port name on ASA

CSCvp19910

Unable to process gtpv1 identification req message for header TEID : 0

CSCvp19998

ASA drops GTPV1 SGSN Context Req message with header TEID:0

CSCvp23579

Network FIle Trajectory page takes 90 seconds to load each time

CSCvp33052

Firepower 8000 interfaces might flap due to unhandled resource temporarily unavailable issue

CSCvp33341

Cisco ASA and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability

CSCvp46173

Changes in interface-group or interface-zone in subdomain overwrites Global domain.

CSCvp49576

FTD traceback due to watchdog on xlate_detach

CSCvp54261

Audit syslog for SFR module/7000/8000 devices uses TCP instead of UDP for syslog communication

CSCvp55901

LINA traceback on ASA in HA Active Unit repeatedly

CSCvp55941

FILE RESUME BLOCK being randomly thrown causing access issues on files from SMB share.

CSCvp58028

natd thread of nfm_exceptiond uses about 90% to 100% CPU time

CSCvp67257

USGv6 Failures From Kernel Upgrade [3.10 to 4.14]

CSCvp67626

2100 upgrade failure in 000_start/125_verify_bundle.sh when gateway IP improperly set

CSCvp72244

Evaluate Cisco 8000 series for CVE-2019-11815

CSCvp76944

Cisco ASA and FTD Software WebVPN CPU Denial of Service Vulnerability

CSCvp84546

ASA 9.9.2 Clientless WebVPN - HTML entities are incorrectly decoded when processing HTML

CSCvp87623

Upload an update gives "update request entity too large" error when using CAC(HTTPS Client Certs)

CSCvp97061

URL Filtering Shows All URLs as Uncategorized

CSCvp97799

Policy deploy failure 6.5.0-1148 post upgrade with CC mode with openSSL call during SSL pol Export

CSCvp98066

On reset CD not clearing its flags[parseFailoverReqIssued] which prevents further node join attempts

CSCvp99137

ASA on Firepower 2100: Excessive amount of DNS queries on Management Interface

CSCvq00675

Linux Kernel sas_expander.c Race Condition Arbitrary Code Execution ...

CSCvq01459

LINA Traceback after upgrade to 9.12.2.1

CSCvq05113

ASA failover LANTEST messages are sent on first 10 interfaces in the configuration.

CSCvq06790

Snort processes dump core with memory corruption on Series 3 devices

CSCvq08684

Policy Deployment Failure due to Special Characters & encoding

CSCvq09093

VPN Pre-deploy validations takes around 20 seconds for each device

CSCvq11513

Traceback: "saml identity-provider" command will crash multi-context ASAs

CSCvq12411

ASA may traceback due to SCTP traffic despite fix CSCvj98964

CSCvq13442

When deleting context the ssh key-exchange goes to Default GLOBALLY!

CSCvq16123

Firepower Dynamic Snort Rules are Disabled After a Deployment Involving a Snort Reload

CSCvq17263

FTD LINA traceback at DATAPATH-8-15821

CSCvq19525

Evaluation of sfims for TCP_SACK

CSCvq21607

"ssl trust-point" command will be removed when restoring backup via CLI

CSCvq24134

ASA IKEv2 - ASA sends additional delete message after initiating a phase 2 rekey

CSCvq25626

Watchdog on ASAv when logging to buffer

CSCvq25775

FTD Firepower 2100: external authentication fails if bind user password contains special characters

CSCvq26794

GTP response messages with non existent cause are getting dropped with error message TID is 0

CSCvq27010

Memory leak observed when ASA-SFR dataplane communication flaps

CSCvq28250

ENH: ASA Cluster debug for syn cookie issues

CSCvq32681

Fail to Wire configuration disabled for multiple interface-pair inline-sets during FTD upgrades

CSCvq36042

lost heartbeat causing reload

CSCvq39083

Security Intelligence does not drop HTTPS connections to blacklisted URLs when SSL policy is enabled

CSCvq39317

ASA is unable to verify the file integrity

CSCvq40943

FTD 4150 VPN s2s deployment failure with 6K spokes

CSCvq44665

FTD/ASA : Traceback in Datapath with assert snp_tcp_intercept_assert_disabled

CSCvq46918

SNMPv3 User(s) deleted after upgrade

CSCvq50314

Failed SSH Login attempts not being exported via syslog

CSCvq54242

Warrning "There is an empty group in the source networks" in SSL policy

CSCvq54667

SSL VPN may not be able to establish due to SSL negotiation issue

CSCvq56138

User login fails into FMC GUI for LDAP user if the password contains SPACE in the string

CSCvq56462

File policy not inspecting some malware document (.doc) and Adobe flash (.swf) files.

CSCvq60131

ASA traceback observed when moving EZVPN spokes to the device.

CSCvq63024

Dual stacked ASAv manual failover issues

CSCvq64742

ASA5515-K9 standby traceback in Thread Name ssh

CSCvq65092

Slow device related REST API calls

CSCvq65241

ASA Traceback on Saleen in Thread Name: IPv6 IDB

CSCvq65542

Disable asp load-balance per-packet functionality from fp2100 until all bugs fixed

CSCvq69111

Traceback: Cluster unit lina assertion in thread name:Cluster controller

CSCvq70468

ASA cluster does not flush OSPF routes

CSCvq70485

Slow "securityzones" REST API

CSCvq75743

ASA:BGP recursive route lookup for destination 3 hop away is failing.

CSCvq76533

F_RNA_EVENT_LIMIT for MC4000 should be 20 million

CSCvq77547

Connections fail to replicate in failover due to failover descriptor mis-match on port-channels

CSCvq80318

ASA generates incorrect error message about PCI cfg space when enumerating Internal-Data0/1

CSCvq80735

Cannot add neighbor in BGP when the neighbor is on the same subnet as one interface

CSCvq81516

VPN events between 12 and 1 PM UTC are not displayed on the FMC

CSCvq91645

Flow Offload Hashing Change of Behavior

CSCvf83160

Traceback on Thread Name: DATAPATH-2-1785

CSCvg01007

https pdf attachment issues

CSCvg74603

eStreamer archive events are not pruned correctly by diskmanager

CSCvi63474

Unable to edit the system policy of a SFR module via ASDM after upgrading to 6.2.2

CSCvk14242

sfstunnel process in FTD is holding large cloud db files that are already deleted

CSCvm27111

FTD Lina traceback while removing OSPF configuration.

CSCvm36362

Route tracking failure

CSCvm50421

ASA traceback on slave/standby during sync config due to OSPF/EIGRP and IPv6 used together in ACE

CSCvm70274

tcp proxy: ASA traceback on DATAPATH

CSCvm88294

High Disk utilization due to partition force drain not occurring

CSCvn25605

FTW: Bypass LED stays on solid amber even after total recovery of sensor

CSCvn34246

Loading AC policy editor takes too long, needs loading indicator

CSCvn45750

FMC Audit Logs will only display Admin and System as owners when deploying to 3D devices -GUI/SYSLOG

CSCvn57284

Unsupported EC curve x25519 on FTD

CSCvn66248

Configuring "boot config" has no effect if file was modified off-box and copied back on

CSCvn76875

Graceful Restart BGP does not work intermittently

CSCvn78597

Firepower block page not displayed on MS IE11 and Edge for HTTPS blocked sites when proxy is enabled

CSCvo03700

ASA may traceback in thread logger when cluster is enabled on slave unit

CSCvo24145

ids_event_alerter high memory usage due to large firewall_rule_cache table

CSCvo31695

Traceback in threadname DATAPATH-0-1668 while freeing memory block

CSCvo33348

Mysql traffic on non standard port is not correctly classified

CSCvo33851

ngfwManager doesn't start if ngfw.properties is empty

CSCvo43679

FTD Lina traceback, due to packet looping in the system by normaliser

CSCvo48838

Lina does not properly report the error for configuration line that is too long

CSCvo50168

Audit Log Settings Failing Leading to being unable to edit System Settings

CSCvo51265

SCP large file transfer to the box result in a traceback

CSCvo54799

ssh to device fails due to corrupted devpts entry in fstab

CSCvo56836

SCALE: with 500+ devices, UMS causes the UI to hang, especially during deploy

CSCvo60862

Internal Error when editing an Access Control Policy

CSCvo62060

Telemetry not sent when FMC managing lots of devices

CSCvo65464

FPR2100: EIGRP routes with learned over port channel interface become Infinite FD

CSCvo66534

Traceback and reload citing Datapath as affected thread

CSCvo70866

SGT tag shows untagged in server packet for every client packet with SGT tag with some value

CSCvo72179

For SMB, remote storage configuration should allow configuring version string with dot(.)

CSCvo72232

ERR_SSL_BAD_RECORD_MAC_ALERT or SSL_ERROR_BAD_MAC_ALERT in the browser

CSCvo74350

ASA may traceback and reload. Potentially related to WebVPN traffic

CSCvo74625

6.4.0 - IPv6 routing doesn't work for WM and KP when mgmt gateway configure as data-interfaces

CSCvo74745

cloud agent core after generating a large number of continuous URL lookups (>30M)

CSCvo78789

Cisco Adaptive Security Appliance Smart Tunnel Vulnerabilities

CSCvo80501

Standby Firewall reloads with a traceback upon doing a manual failover

CSCvo81073

Unable to load Device Management page or upgrade FMC due to missing NGFWHA EO

CSCvo81260

FMC "FQDN" via API causes all objects within a network attribute to be "ANY"

CSCvo83574

Device goes into a bad state when switching the inline set from TAP mode

CSCvo87930

HTTP with ipv6 using w3m is failing

CSCvo88188

SSL rules with App-ID conditions can limit decryption capability

CSCvo88306

NAT rules can get applied in the wrong order when you have duplicate rules

CSCvo89224

FMC times out after 10 mins to fetch device list for deployment

CSCvo90153

ASA unable to authenticate users with special characters via https

CSCvo90550

Firepower Recommendations does not enable IPS rules that are GID 3

CSCvo90805

Cisco Firepower Management Center RSS Cross-Site Scripting Vulnerabilities

CSCvo93872

Memory leak while inspecting GTP traffic

CSCvo94486

Snort process exits while processing Security Intelligence.

CSCvp03498

Health monitoring options for user identity functionality on FMC.

CSCvp07143

DTLS 1.2 and AnyConnect oMTU

CSCvp09150

Cisco ASA Software Web-Based Management Interface Privilege Escalation Vulnerability

CSCvp12052

ASA may traceback and reload. suspecting webvpn related

CSCvp16979

ssl and daq debug logs can't be enabled/disabled dynamically

CSCvp18878

ASA: Watchdog traceback in Datapath

CSCvp21837

Allow FTDs to perform URL lookups directly without having to go through the FMC Pre 6.5.0

CSCvp23137

ASA/FTD generates syslog for missing SSD 2: /dev/sdb is present. Status: Inoperable.

CSCvp24787

(snort)File is not getting detected when going over HTTPS (SSL Resign)

CSCvp25581

in FMC-HA user_group_map entries are wiped out in split-brain

CSCvp25583

FTD sets automatically metric 0 when we redistribute OSPF into BGP via FMC GUI.

CSCvp25782

EventHandler core while pruning metadata cache

CSCvp27263

Multiple ClamAV Vulnerabilities For Cisco Firepower Management Center for pre 6.5.0

CSCvp29245

FTD and FDM operations fail due to depleted disk space from excessive eventing logs

CSCvp32617

"established tcp" does not work post 9.6.2

CSCvp35359

FMC-ISE integration doesn't work if explicit UPN doesn't match implicit UPN

CSCvp36425

Cisco ASA & FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability

CSCvp37779

FTD show tech from troubleshooting files incomplete

CSCvp38808

FP2100: Removal of fault "The password encryption key has not been set."

CSCvp43474

REST API query /api/fmc_config/v1/domain/UUID/devices/devicerecords fails

CSCvp43536

On upgraded FMC Device FXOS devices are shown dirty even after successful deployment.

CSCvp46341

Fail-to-Wire (FTW) Ports fail to recover on 2100 Firepower platforms.

CSCvp54634

Wrong rule matched when using ambiguous DND

CSCvp58310

integrate pxgrid capability, connection hang, curl hang issues

CSCvp72488

Firepower: AMP for network connectivity failure after upgrading to 6.3.0.2+

CSCvp72601

FMC UI: VPN Hub and Spoke topology slow loading

CSCvp72770

BCDB file copy from FMC on to vFTD getting truncated, vFTD running on Azure platform.

CSCvp78197

Policy deployment remove and add back ospf neighbor

CSCvp81967

Slowness in loading Device Management page on FMC when there are over 500 managed devices

CSCvp82945

NAT policy apply failing with error duplicate

CSCvp96934

Ensure Error Message with Dup NATs Is Clear and Actionable

CSCvq08684

Policy Deployment Failure due to Special Characters & encoding

CSCvq34224

Firepower Primary Detection Engine process terminated after Manager upgrade

CSCvq61651

URL DB download failure alerts on FMC; new URL DB updates not taking effect on FMC/FDM

CSCvi16224

snmp-server host command for SNMPv3 doesn't apply properly when deploy ASAv VM on NFVIS (KVM) system

CSCvi62112

Blocking BPDU via FlexConfig on FTD Transparent causes deployment and registration issues

CSCvj06993

ASA HA with NSF: NSF is not triggered properly when there is an Interface failure in ASA HA

CSCvj82652

Deployment changes are not pushed to the device due to disk0 mounted on read-only

CSCvk06386

FTD Files are Allowed Through Multiple Pre-existing Connections Despite the File Policy Verdict

CSCvm00066

ASA is stuck on "reading from flash" for several hours

CSCvm16724

FXOS ASA/FTD needs means to poll Internal-data interface counters

CSCvm35373

Pruner process fails to start due to configuration

CSCvm62846

restore of TID | Config only backup failed:

CSCvm86008

Policy Deployment: Delta config doesn't get copied to running config, LINA config remains unchanged

CSCvn07452

712x devices become unstable when switching inline set from TAP to inline

CSCvn09383

Manual URL lookup returns Uncategorized if same URL is entered second time without "www." part

CSCvn25949

Digitial Signature Verification Failed during upload of Rest-Api image to ASA

CSCvn30108

The 'show memory' CLI output is incorrect on ASAv

CSCvn31347

ACL Unable to configure an ACL after access-group configuration error

CSCvn38453

ASA: Not able to load Quovadis Root Certificate as trustpoint when FIPS is enabled

CSCvn44222

6.3.0-79: HA upgrade/deployment fails from from missing RAVPN diskfiles on secondary

CSCvn49854

Subsequent HTTP requests not retrieving URL and XFF

CSCvn67137

ASA5506 may slowly leak memory when using NetFlow

CSCvn67570

amp-stunnel.conf does not point to correct amp cloud server post FMC upgrade

CSCvn68527

KP:AnyConnect used IP from pool shows as available

CSCvn71592

After FMC reboot, intrusion events generated by Snort are not sent to FMC and show up in webGUI

CSCvn74112

FTDv does not have configuration on initial bringup with mix of vmxnet3 and ixgbevf interfaces

CSCvn75368

FPR platform IPsec VPN goes down intermittently

CSCvn78593

Control-plane ACL doesn't work correctly on FTD

CSCvn78870

ASA Multicontext traceback and reload due to allocate-interface out of range command

CSCvn82895

Diskmanager may not track all event files

CSCvn87965

While associating FMC with TG account, FMC should not redirect users to TG console

CSCvn95711

Traceback on Thread Name: Unicorn Admin Handler after adding protocol to IKEV2 ipsec-proposal

CSCvn96898

Memory Leak in DMA_Pool in binsize 1024 with SCP download

CSCvn99712

Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability

CSCvo02097

Upgrading ASA cluster to 9.10.1.7 cause traceback

CSCvo04444

Ikev2 tunnel creation fails

CSCvo06216

Support more than 255 chars for Split DNS-commit issue in hanover for CSCuz22961

CSCvo09046

Upgrading ASA cluster to 9.10.1.7 cause low memory

CSCvo13497

Unable to remove access-list with 'log default' keyword

CSCvo19247

Traceback while processing an outbound SSL packet

CSCvo21210

PDTS has incorrect numa node info resulting in incorrect load balancing

CSCvo23222

AnyConnect session rejected due to resource issue in multi context deployments

CSCvo23366

Deploy failed because adaptive profiling config file corrupt

CSCvo27109

Standby may enter reboot loop upon upgrading to 9.6(4)20 from 9.6(4)6

CSCvo29973

ssl rules with cipher suite conditions can cause unneeded tls 1.3 downgrade

CSCvo31353

SSL connections may fail when URL categories are used and certificate common name doesn't match

CSCvo39094

Delay/Longer processing time to insert policy deploy task after selecting the device for deploy

CSCvo40210

Update Talos RSS feed in dashboard widget

CSCvo42174

ASA IPSec VPN EAP Fails to Load Valid Certificate in PKI

CSCvo42884

Cannot make Site-to-site VPN changes on FTD after upgrading to 6.3

CSCvo43693

FTD HA creation fails due to multiple files modules*.tgz and vdb*.tgz being transferred from FMC

CSCvo44064

aggressive downgrade action is taken when url look up is pending due to no sni

CSCvo45209

FTD-CLUSTER:Adding new unit in cluster can cause traffic drop

CSCvo45675

FMC upgrade process should check configuration that would be invalid after upgrade

CSCvo50230

SSL Connections to uncategorized URLs may fail repeatedly

CSCvo55151

crypto ipsec inner-routing-lookup should not be allowed to be configured with VTI present

CSCvo55282

Policy deploy fails when user is able to enter invalid inline port range in AC Rule accidentally

CSCvo56675

ASA or FTD traceback and reload due to failover state change or xlates cleared

CSCvo56895

Some donut charts on the Context Explorer failing to load

CSCvo61091

eStreamer memory and CPU grow when sending NAP policy metadata

CSCvo63168

temp_id leak if Sybase connection fails

CSCvo63232

UIMP not updating users from a realm that resides in a child domain.

CSCvo63240

Smart Tunnel bookmarks don't work after upgrade giving certificate error

CSCvo67454

Invalid port range object causes AC policy deploy to fail

CSCvo72238

FMC backup fails when FTD cluster is managed in domain and sub-domain AC Policy is assigned to it

CSCvo74743

FMC-HA changes to child domain on primary, not getting to ADI.conf on secondary

CSCuy90400

Enhancement to support extended master secret in SSL

CSCva62256

Appliance status widget taking too long with 500 sensors

CSCvd03903

Firepower is affected by TCP Dump Vulnerability

CSCvd12834

FP Audit Logs do not log passed and failed SSH authentication attempts

CSCve29930

Cannot configure LOM on secondary FMC from HA pair

CSCvf20266

Firepower Management Center System Configuration Email Notification Password Length Too Short

CSCvh13022

SSL decryption is bypassed when client hello payload is < 6 bytes

CSCvi97028

fmc GUI too slow when configuring unreachable syslog server

CSCvi97500

AMP Cloud event on Firepower Management Center are seen with different file types

CSCvj65154

FMC failing to communicate with SSM when proxy password contains @ character

CSCvj74643

Enabling Use CAC authentication and authorization on AD breaks RADIUS when changed.

CSCvj87287

simultaneous flood of REST-API requests to FMC results in inaccessibility

CSCvj97229

'User Name Template' should be required filed for external authentication object for CAC in FMC

CSCvk19946

Sftunnel service broken due to cache archive data flooding

CSCvk39339

Unable to run the scheduling report generation on Japanese FMC

CSCvk55634

Random policy deployment failure due to stuck notification for policy deployment

CSCvk56988

Cisco ClamAV MEW unpacker Denial of Service Vulnerability

CSCvm46014

Copy config should not fail if standby device is corrupted on FTD HA

CSCvm47713

SSL policy disallows viewing of PDF on *.lightning.force.com when Chrome browser is used

CSCvm59983

The file-size directive returns invalid input error and breaks the captures from clish

CSCvm64230

verify_firmwareRunning() return code not checked

CSCvm76760

FMC - External RADIUS authentication - Text in the "Shell Access Filter" field is not validated

CSCvm80933

ssl policy can match incorrect rule when server uses a cert with wildcard common name

CSCvm87315

FTD registration can fail because of TID in RegistrationTR::addToLamplighter

CSCvm91280

Intrusion Events Report Date, Hour Of Day, Day Of Week comes in UTC and Time comes in local timezone

CSCvm96339

/dev/root partition will fill to 100% due to archive_cache_seed.sensor file

CSCvn03507

"set ip next-hop verify-availability" is applied incorrectly with subsequent deployments

CSCvn05797

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

CSCvn06618

On LINA config rollback the startup-config is being merged with the default running

CSCvn08146

Missing audit detail for changes to x509 certificates and keys

CSCvn14650

Linux Kernel Use-After-Free Race Condition Vulnerability

CSCvn16489

AMP Dynamic Analysis's clouds should be tracked separately for submission rates.

CSCvn19289

Multiple Vulnerabilities in curl

CSCvn20411

Device management page never loads and times out after an error message

CSCvn21899

Firepower: Disable TLS 1.0 permanently for SFTunnel communication

CSCvn23701

Deployment failed with - ftp_telnet.conf(4) => Invalid keyword 'memcap' for 'global' configuration.

CSCvn30118

mysql-server.err file is not fully deleted and keeps consuming Firepower disk space

CSCvn31753

ssl inspection policy may cause SEC_ERROR_REUSED_ISSUER_AND_SERIAL browser error

CSCvn31793

TLS 1.3 connections reported as 1.2 in FMC connection events

CSCvn36393

exclude tls1.0 and tls1.1 in stunnel config file

CSCvn46121

Security Intelligence IP monitor Events are not sent to syslog if default action logs to syslog

CSCvn53131

snort validation error during policy apply after FMC upgrade

CSCvn53732

Modified SSL connections that are not decrypted should be closed

CSCvo02577

Buffer exhaustion with SSL HW decryption

CSCvo11743

fpreplication snapshot streaming loops when last batch is 100% full.