Bugs

For bugs in earlier releases, see the release notes for those versions. For cloud deployments, see the Cisco Cloud-Delivered Firewall Management Center Release Notes.

Important

We do not list open bugs for maintenance releases or patches.

Bug lists are auto-generated once and may not be subsequently updated. If updated, the 'table last updated' date does not mean that the list was fully accurate on that date—only that some change was made. Depending on how and when a bug was categorized or updated in our system, it may not appear in the release notes. If you have a support contract, you can obtain up-to-date bug lists with the Cisco Bug Search Tool.

Open Bugs

Open Bugs in Version 7.0.0

Table last updated: 2022-11-02

Table 1. Open Bugs in Version 7.0.0
Bug ID	Headline
CSCvr74863	CIP-Multiservice shows wrong service Attributes
CSCvx21050	Snort3 UDP performance down up to 50% relative to snort2
CSCvx25425	snort3 ssl - tickets from undecrypted sessions are not cached for subsequent policy decisions
CSCvx30175	Snort3 - SMTP closing TCP flags are not propagated correctly
CSCvx63788	Edit policy in new window for AC Policy default action IPS policy shows error pop-up
CSCvx64252	Event Search errors out when using FQDN object search for initiator
CSCvx67856	FTD7.0: Promethues process doesnt come up when system ungracefully rebooted
CSCvx89720	User-based access control rules for RA VPN users may not apply as expected after 7.0.0 upgrade
CSCvx96452	Some HTTP2 TLS traffic ends with TCP RST, not TCP FIN, after complete payload transmission
CSCvx96452	Snort3 - Connection events sporadically show Allow action for traffic hitting SSL Block with Reset
CSCvx99179	FDM-VMWARE: nikita-incremen core during upgrade from 6.5 or higher to 7.0/7.1
CSCvy02879	FDM ISA 3000 HA goes into active-active state
CSCvy07113	7.0.0-1459 :FTPs traffic(malware file) is not blocked with file policy config,specifi to QP platform
CSCvy13572	7.0 - Downgrade to LSP version used in 6.7 causes deployment failure
CSCvy19415	After switching FTD HA, (secondary,active) sends primary device name in syslog message
CSCvy26742	Deployment failure when 1k rules are uploaded on 7.0.0-62 KVM vFTD
CSCvy27261	Snort2 and Snort3 Events view need enhancements to provide more clarity
CSCvy31096	Host rediscovery in case of snort configuration reload
CSCvy32550	Correlation fiiltering on snort3 custom rule message fails because rule is not built with GID 2000
CSCvy35352	Error handling for Suppression settings needed in certain conditions
CSCvy38070	File/Malware Event Report fails when date is x-axis and count y-axis for table chart
CSCvy39840	SI TALOS feed updates are not synced to rule file
CSCvy43483	Snort Toggle sometimes takes longer time to toggle to Snort 2
CSCvy43740	vFDM ISA HA Security Intelligence feed update throws java.lang.NullPoin
CSCvy44701	Version 7.0 FMC online help for the Snort 3 HTTP/2 inspector contains incorrect content.
CSCvy48764	SSH access with public key authentication requires user password
CSCwa16654	Firepower release 7.0.x does not support ssl_state or ssl_version keywords for Snort 3

Resolved Bugs

Resolved Bugs in Version 7.0.6.3

Table last updated: 2024-09-10

Table 2. Resolved Bugs in Version
Bug ID	Headline
CSCvy51481	FTD should show error/warning when attaching a not valid certificate to the interface for VPN
CSCwb03293	IKEv2 debugs: Received Policies and Expected Policies are empty
CSCwe11754	Nodes randomly fail to join cluster due to internal clustering error
CSCwe12645	Secondary state flips between Ready & Failed when node is rebooted and mgmt interface is shutdown
CSCwe18462	ASA/FTD: Improve GTP Inspection Logging
CSCwe18467	ASA/FTD: GTP Inspection engine serviceability
CSCwe37132	TLS Server Identity may cause certain clients to produce mangled Client Hello
CSCwe86923	In Apache MINA, a specifically crafted, malformed HTTP request may cause
CSCwf49254	cannot unregister FTD from Cisco Cloud in FDM if already unregistered/unenrolled from cloud side
CSCwf70275	FTD: TLS Server Identity does not work if size of client hello more than TCP MSS bytes
CSCwf75694	ASA - The GTP inspection dropped the message 'Delete PDP Context Response' due to an invalid TEID=0
CSCwf84318	ASA/FTD traceback and reload on thread DATAPATH
CSCwh10931	ASA/FTD traceback and reload when invoking "show webvpn saml idp" CLI command
CSCwh29276	ASA: Traceback and reload when switching from single to multiple mode
CSCwh43945	FTD/ASA traceback and reload may occur when ssl packet debugs are enabled
CSCwh48776	An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18,
CSCwh49085	Avoid unnecessary DB operations when processing derived fingerprints
CSCwh59222	SNORT3 - FTD - TSID high cpu, daq polling when ssl enabled is not pulling enough packets
CSCwh60971	NAT pool is not working properly despite is not reaching the 32k object ID limit.
CSCwh68068	Firepower WCCP router-id changes randomly when VRFs are configured
CSCwh71262	A flaw was found in glibc. In an uncommon situation, the gaih_inet fun
CSCwh83021	ASA/FTD HA pair EIGRP routes getting flushed after failover
CSCwh87058	FTD: Internal certificate generation results to certificate and private key mismatch
CSCwh94029	A flaw was found in the Netfilter subsystem in the Linux kernel. The n
CSCwh94116	A flaw was found in the Netfilter subsystem in the Linux kernel. The x
CSCwh94193	urllib3 is a user-friendly HTTP client library for Python. urllib3 doe
CSCwh95443	Datapath hogs causing clustering units to get kicked out of the cluster
CSCwi00713	A memory leak flaw was found in Libtiff's tiffcrop utility. This issue
CSCwi05240	ASA - Traceback the standby device while HA sync ACL-DAP
CSCwi06797	ASA/FTD traceback and reload on thread DATAPATH
CSCwi23964	Python 3.x through 3.10 has an open redirection vulnerability in lib/h
CSCwi24007	An issue was discovered in the Linux kernel before 6.3.3. There is an
CSCwi24116	Twisted is an event-based framework for internet applications. Prior t
CSCwi36244	In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scrip
CSCwi38662	FTD HA should not be created partially on FMC
CSCwi43492	ASA traceback and reload on Thread Name: DATAPATH
CSCwi44912	ISA3000 Traceback and reload boot loop
CSCwi49770	ASA\|FTD Traceback & reload in thread name Datapath
CSCwi52008	Snort3 traceback and restarts with race conditions
CSCwi56499	Cut-Through Proxy feature spikes CP CPU with a flood of un-authenticated traffic
CSCwi60430	CVE-2023-51385 (Medium Sev) In ssh in OpenSSH before 9.6, OS command injection might occur if a us
CSCwi68625	Continuous snmpd restarts observed if SNMP host is configured before the IP is configured
CSCwi78191	An issue was discovered in drivers/input/input.c in the Linux kernel b
CSCwi78193	An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl
CSCwi78200	A vulnerability was found in GnuTLS. The response times to malformed c
CSCwi78206	A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTL
CSCwi78941	FDM deployment fails with error "Some interfaces have been added to or removed from the device"
CSCwi79037	IKEv2 client services is not getting enabled - XML profile is not downloaded
CSCwi84314	ASA CLI hangs with 'show run' on multiple SSH
CSCwi85951	A use-after-free flaw was found in the __ext4_remount in fs/ext4/super
CSCwi85953	In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel thro
CSCwi90751	FTD/ASA - SNMP queries using snmpwalk are not displaying all "nameif" interfaces
CSCwi92924	A memory leak problem was found in ctnetlink_create_conntrack in net/n
CSCwi92927	A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab
CSCwi92930	linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a den
CSCwi92932	copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1
CSCwi95796	FTD SNMP OID 1.3.6.1.4.1.9.9.109.1.1.1.1.7 always returns 0% for SysProc Average
CSCwi97836	ASA traceback and reload after configuring capture on nlp_int_tap and deleting context
CSCwi97948	EIGRP bandwidth is changing after upgrade or after "shutdown"/"no shutdown" commands
CSCwi98147	Tomcat restarts in the middle of the LTP flow due to certificate update
CSCwi99429	Policy deployment failure rollback didnt reconfigure the FTD devices
CSCwj00956	Snort process spamming syslog-ng messages so our on KP platform syslog-ng is being killed
CSCwj03112	pmtool restart of monetdb fails to bring up monetdb, too many files in monetdb Volume directory
CSCwj05151	ASA/FTD may traceback and reload in Thread Name DATAPATH due to GTP Spin Lock Assertion
CSCwj08021	The DNS message parsing code in 'named' includes a section whose compu
CSCwj08023	Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6
CSCwj08066	A denial of service vulnerability due to a deadlock was found in sctp_
CSCwj08083	An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.1
CSCwj08153	An out-of-memory flaw was found in libtiff that could be triggered by
CSCwj10451	The secondary device reloaded while rebooting the primary device.
CSCwj12924	A flaw was found in the Netfilter subsystem in the Linux kernel. The i
CSCwj14624	Backup exits with memory allocation error on 4115
CSCwj14798	TSS_Daemon process is exiting every minute
CSCwj17447	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-6-26174'
CSCwj17969	rna_ip_os_map can grow very large that causes SFDataCorrelator to stop processing events
CSCwj22235	Lina traceback and reload due to mps_hash_memory pointing to null hash table
CSCwj22990	After upgrading the ASA, “Slot 1: ATA Compact Flash memory” shows a ditterent value
CSCwj24828	Issue when two FQDN objects with same IP are added in source or destination (FTD/ASA)
CSCwj25975	FTD/ASA : CSR generation with comma between “Company Name” attribute does not work expected
CSCwj28153	Lina contains outdated libexpat source code
CSCwj30980	Addition of debugs & a show command to capture the ID usage in the CTS SXP flow.
CSCwj32035	Clientless VPN users are unable to reach pages with HTTP Basic Authentication
CSCwj33487	ASA/FTD may traceback and reload while handling DTLS traffic
CSCwj33580	IKEv2 tunnels flap due to fragmentation and throttling caused by multiple ciphers/proposal
CSCwj40597	Backups fail on multi-instance (or standalone) with error "Backup died unexpectedly"
CSCwj43345	SNMP poll for some OIDs may cause CPU hogs and high latency can be observed for ICMP packets
CSCwj43355	A bug in QEMU could cause a guest I/O operation otherwise addressed to
CSCwj43466	A heap-buffer-overflow vulnerability was found in LibTIFF, in extractI
CSCwj44398	when set the route-map in route RIP on FTD, routes update is not working after FTD reload
CSCwj45822	Cisco Secure Client Unable to complete connection. Cisco Secure Desktop not installed on the client.
CSCwj48704	ASA traceback and reload when accessing file system from ASDM
CSCwj49958	Crypto IPSEC Negotiation Failing At "Failed to compute a hash value"
CSCwj51115	FMC backup remote server copy to Solar Winds remote server failing after upgrading to 7.x versions.
CSCwj55036	ASA/FTD: A delay in an async crypto command induces a traceback and subsequently a reload.
CSCwj59861	ASA/FTD may traceback and reload in Thread Name 'lina' due to SCP/SSH process
CSCwj60265	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-1-16803'
CSCwj61885	File descriptor leak when validating upgrade images
CSCwj68783	FTD/ASA-HA configs not in sync as the command sync process is sending configs with special chars
CSCwj72683	ASA - Bookmarks on the WebVPN portal are unreachable after successful login.
CSCwj72721	Deployment failure and rollback when BGP communities added or removed in route-map match clause
CSCwj73061	SNMP OID for CPUTotal1min omits snort cpu cores entries when polled
CSCwj74323	ASAv Memory leak involving PKI/Crypto for VPN
CSCwj76503	Syslogs continue to be sent after disabling logging class on ASA
CSCwj82285	ASA/FTD may traceback and reload in Thread Name 'sdi_work'
CSCwj82736	TLS Handshake Fails if Fragmented Client Hello Packet is Received Out of Order
CSCwj83185	FTD/ASA : Standby FTD traceback and reload after enabling memory tracking
CSCwj83634	Seeing message "reg_fover_nlp_sessions: failover ioctl C_FOREG failed"
CSCwj86116	High LINA CPU observed due to NetFlow configuration
CSCwj87501	ASA/FTD may traceback and reload in Thread Name 'fover_FSM_thread'
CSCwj88400	FTD may traceback and reload in process name lina while processing appAgent msg reply
CSCwj88414	CVE-2023-48795 is not addressed on FMC 7.0.6.2 version
CSCwj89050	Faulty input validation in the core of Apache allows malicious or expl
CSCwj89051	In GNU tar before 1.35, mishandled extension attributes in a PAX archi
CSCwj89054	An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of
CSCwj89264	FTD HA: Traceback and reload in netsnmp_oid_compare_ll
CSCwj89315	HTTP Response splitting in multiple modules in Apache HTTP Server allo
CSCwj89402	In the Linux kernel, the following vulnerability has been resolved: n
CSCwj89404	In the Linux kernel, the following vulnerability has been resolved: b
CSCwj89406	In the Linux kernel, the following vulnerability has been resolved: b
CSCwj89417	In the Linux kernel, the following vulnerability has been resolved: d
CSCwj89425	In the Linux kernel, the following vulnerability has been resolved: B
CSCwj89434	wall in util-linux through 2.40, often installed with setgid tty permi
CSCwj89445	The iconv() function in the GNU C Library versions 2.39 and older may
CSCwj89447	less through 653 allows OS command execution via a newline character i
CSCwj95590	Browser redirects to logon page when the user clicks the WebVPN bookmark
CSCwk02804	WebVPN connections stuck in CLOSEWAIT state
CSCwk02928	ASA/FTD may traceback and reload in Thread Name PTHREAD
CSCwk04492	ASA CLI hangs with 'show run' with multiple ssh sessions
CSCwk05826	nscd: Stack-based buffer overflow in netgroup cache If the Name Servi
CSCwk05828	nscd: netgroup cache may terminate daemon on memory allocation failure
CSCwk05851	"set ip next-hop" line deleted from config at reload if IP address is matched to a NAME
CSCwk06564	Add New Syslog for Routes for NP add/delete
CSCwk07934	Clock skew between FXOS and Lina causes SAML assertion processing failure
CSCwk08576	command to print the debug menu setting of service worker
CSCwk12497	Traceback and reload on active unit due to HA break operation.
CSCwk12698	SNMP polling of admin context mgmt interface fails to show all interfaces across all contexts
CSCwk13812	ASA/FTD incorrectly forwards extended community attribute after upgrade.
CSCwk14909	Traffic drop with 'rule-transaction-in-progress' after failover with TCM cfgd in multi-ctx mode
CSCwk17637	State Link Stops Sending Hello Messages Post-Failover Triggered by Snort Crash in FTD HA
CSCwk17854	FTD doesn't send Type A query after receiving a refuse error from one DNS server in AAAA query.
CSCwk21561	Add warning message when configuring CCL MTU
CSCwk22034	Snmpwalk displays incorrect interface speeds for values greater or equal than 10G
CSCwk22759	Issue with Setting Certain Timezones (e.g. GMT+1) on Cisco ASA Firepower in Appliance Mode
CSCwk22993	In the Linux kernel, the following vulnerability has been resolved: t
CSCwk24176	FTD/ASA - VPN traffic flowing through the device may trigger tracebacks and reloads.
CSCwk25117	ENH: Add application support for blocking consecutive AAA failures on LINA
CSCwk25506	Multiple snort binaries are present (Patch or HF) at /var/sf/bin/ making tar command to fail
CSCwk25755	In the Linux kernel, the following vulnerability has been resolved: n
CSCwk25756	Requests is a HTTP library. Prior to 2.32.0, when making requests thro
CSCwk25759	In the Linux kernel, the following vulnerability has been resolved: B
CSCwk25761	In the Linux kernel, the following vulnerability has been resolved: b
CSCwk25762	In the Linux kernel, the following vulnerability has been resolved: i
CSCwk25764	In the Linux kernel, the following vulnerability has been resolved: H
CSCwk26968	Backup feature does not save/restore DAP configuration in multiple context mode.
CSCwk27830	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwk32501	256/1550 block depletion process fover_thread
CSCwk36312	High cpu on "update block depletion" causing BGP flap terminated on FTD
CSCwk40726	FMC REST API calls to get AC policy data times out, AC policy GUI slowness with larger rule query
CSCwk41806	Need to Protect LINA from getting killed by OOM
CSCwk44245	In the Linux kernel, the following vulnerability has been resolved: i
CSCwk44246	In the Linux kernel, the following vulnerability has been resolved: i
CSCwk48975	Packet-tracer output incorrectly appends 'control-plane' to drops for data-plane access-group
CSCwk50044	The various Is methods (IsPrivate, IsLoopback, etc) did not work as ex
CSCwk50055	url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo
CSCwk56443	Network address API calls taking long time to complete.
CSCwk57933	Vulnerabilities in linux-kernel CVE-2023-52439
CSCwk57949	Vulnerabilities in linux-kernel CVE-2023-52435
CSCwk62296	Address SSP OpenSSH regreSSHion vulnerability
CSCwk62381	ASA might traceback and reload due to ssh/client hitting a null pointer while using SCP.
CSCwk75030	The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/
CSCwk75033	In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause inva
CSCwk75035	Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vul
CSCwk75036	null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and

Resolved Bugs in Version 7.0.6.2

Table last updated: 2024-05-17

Table 3. Resolved Bugs in Version 7.0.6.2
Bug ID	Headline
CSCvu22491	FMC fails to connect to SSM with error "Failed to send the message to the server"
CSCvx37329	Remove Syslog Messages 852001 and 852002 in Firewall Threat Defense
CSCvx94744	FMC UI inaccessible due to flood of TSA (version 1.3) REST-API calls to FMC
CSCvy47786	Deployment preview will show unchanged/unadded comments to ACP rules
CSCvy90949	import of iips sfo with some overriden rules across sibling domains
CSCvz03407	IPTables.conf file is disappearing resulting in backup and restore failure.
CSCvz10481	sfo import fails when "import as new" option is selected
CSCvz70310	ASA may fail to create NAT rule for SNMP with: "error NAT unable to reserve ports."
CSCvz77254	Hotfix patch upgrade doesn't clean old snort3 binaries
CSCwa08084	FMC hardware appliance restore ends with an error "Unknown Failure Condition"
CSCwa22766	FMC4500/4600 shows virtual license
CSCwb41189	LINA time-sync correction
CSCwb55243	snort3 crashinfo sometimes fails to collect all frames
CSCwb95850	Snort down due to missing lua files because of disabled application detectors (PM side)
CSCwc31953	Prevention of RSA private key leaks regardless of root cause.
CSCwc40352	Lina Netflow sending permited events to Stealthwatch but they are block by snort afterwards
CSCwc44367	LSP not installed after HA failover. No LSP package found in the active LSP directory
CSCwd04135	Snort3 unexpectedly dropping packets after 4MB when using file inspection with detection mode NAP
CSCwd16850	More information is required on Syslog 202010 messages for troubleshooting
CSCwd31806	ASAv show crashinfo printing in loop continuously
CSCwd34079	FTD: Traceback & reload in process name lina
CSCwd58665	Intel Microcode Update required for FPR1000 products
CSCwd67100	ASA traceback and reload on Datapath process
CSCwd87438	Enhance logging mechanism for syslogs
CSCwe02012	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwe03631	Need to provide rate-limit on "logging history <mode>"
CSCwe06562	FPR1K/FPR2K: Increase in failover time in Transparent Mode with high number of Sub-Interfaces
CSCwe11902	FTD: HA crash and interfaces down on FPR4200
CSCwe18472	[FTD Multi-Instance][SNMP] - CPU OIDs return incomplete list of associated CPUs
CSCwe21831	add warning to FTD platform settings when VPN Logging Settings logging level is informational
CSCwe21884	Write wrapper around "kill" command to log who is calling it
CSCwe30359	Traffic drops with huge rule evaluation on snort
CSCwe33282	FTD: The upgrade was unsuccessful because the httpd process was not running
CSCwe34269	DBCheck error is unclear when monetdb is in a 'crashed' state
CSCwe47485	FTD: CLISH slowness due to command execution locking LINA prompt
CSCwe47671	High memory usage on monetDB, FMC does not show connection events
CSCwe48997	FDM: Cannot create multiple RA-VPN profiles with different SAML servers that have the same SAML IDP
CSCwe56452	BGP IPv6 configuration : route-map association with neighbour not getting deployed
CSCwe58207	Memory leak observed on ASA/FTD when logging history is enabled
CSCwe60267	FXOS fault F0853 and F0855 seen despite keyring certificates reporting renewed
CSCwe65516	show xlate does not display xlate entries for internal interfaces (nlp_int_tap) after enabling ssh.
CSCwe72330	FTD LINA traceback and reload in Datapath thread after adding Static Routing
CSCwe79990	Cisco-Intelligence-Feed - Failed to download due to timeout
CSCwe87134	ASA/FTD: Traceback and reload due to high rate of SCTP traffic
CSCwe90334	Missing Instance ID in unified_events-2.log
CSCwe93137	KP - multimode: ASA traceback observed during HA node break and rejoin.
CSCwe93176	Snort2 rule assignments missing from ngfw.rules (assignment_data table ) after FMC upgrade.
CSCwe93736	ASA not updating Timezone despite taking commands
CSCwe97939	ASA/FTD Cluster: Change "cluster replication delay" with max value increase from 15 to 50 sec
CSCwf00736	CSM backup failed within FMC backup due to modification of file while tar was reading it
CSCwf08387	LSP version not updated to latest in LINA Prompt in SSP_CLUSTER with 7.2.4 build.
CSCwf08790	FMC Restore of remote backup fails due to no space left on the device
CSCwf14031	Snort down due to missing lua files because of disabled application detectors (VDB side)
CSCwf17389	ASA accepts replayed SAML assertions for RA VPN authentication
CSCwf20215	admin user should be excluded from CLI shell access filter
CSCwf22045	MYSQL, or any TCP high traffic, getting blocked by snort3, with snort-block as Drop-reason
CSCwf25563	Device list takes longer to load while creating new AC policy
CSCwf36419	ASA/FTD: Traceback and reload with Thread Name 'PTHREAD'
CSCwf39108	Firewall rings may get stuck and cause packet loss when asp load-balance per-packet auto is used
CSCwf44621	Traceback and reload on Thread DATAPATH-6-21369 and linked to generation of syslog message ID 202010
CSCwf49486	store_*list_history.pl task is created every 5min without getting closed causing FMC slowness.
CSCwf59571	FTD/Lina - ZMQ issue OUT OF MEMORY. due to less Msglyr pool memory on certain platforms
CSCwf63589	FTD snmpd process traceback and restart
CSCwf64590	Units get kicked out of the cluster randomly due to HB miss \| ASA 9.16.3.220
CSCwf67337	FMC taking long times to save override objects even if not modified
CSCwf69880	Firewall Traceback and reload due to SNMP thread
CSCwf75695	Duplicate FTD cluster has been created when multiple cluster events comes at same time
CSCwf82447	Editing identity nat rule disables "perform route lookup" silently
CSCwf82970	Snort2 engine is crashing after enabling TLS Server Identity Discovery feature
CSCwf86557	Decrypting engine/ssl connections hang with PKI Interface Error seen
CSCwf89959	ASA: ISA3000 does not respond to entPhySensorValue OID SNMP polls
CSCwf91282	import of .SFO to FMC failed due to included local/custom rules having a blank rule message field
CSCwf92661	ASA\|FTD: Traceback & reload due to a free buffer corruption
CSCwf92726	LDAP missing files after upgrade when the Vault token is corrupted
CSCwf94450	FTD Lina traceback Thread Name: DATAPATH due to memory corruption
CSCwf99303	Management UI presents self-signed cert rather than custom CA signed one after upgrade
CSCwh00123	In Multi-manager scenario,cdFMC&Analytics FMC,FTD should only receive identity feeds from Config FMC
CSCwh01673	FTD /ngfw disk space full from Snort3 url db files
CSCwh04231	FMC needs to properly maintain Redis data directory to prevent unbounded disk usage
CSCwh09113	FPR1010 in HA failed to send or receive to GARP/ARP with error "edsa_rcv: out_drop"
CSCwh11411	Snort blacklisting traffic during deployment
CSCwh14352	Lina CiscoSSL upgrade to 1.1.1v and FOM 7.3a
CSCwh14584	Traceback seen on FTD running on Firepower 2100 series
CSCwh14863	FTD 7.0.4 cluster drops Oracle's sqlnet packets due to tcp-not-syn
CSCwh16759	SNMP is not working on the primary active ASA unit in multi-context environment
CSCwh19475	Intermittently flow is getting white-listed by the snort for the unknow app-id traffic.
CSCwh19613	ASA crashed with Saml scenarios
CSCwh19897	ASA/FTD Cluster: Reuse of TCP Randomized Sequence number on two different conns with same 5 tuple
CSCwh21474	ASA traceback when re-configuring access-list
CSCwh21772	Upgrade FxOS CiscoSSL to version 1.1.1v and FOM 7.3a
CSCwh24901	'Frequent drain of events (not unprocessed events) to be removed from FMC
CSCwh26526	SQL packets involved in large query is drop by SNORT3 with reason snort-block
CSCwh28206	Firewall Blocking packets after failover due to IP <-> SGT mappings
CSCwh30346	ASA/FTD: 1 Second failover delay for each NLP NAT rule
CSCwh36005	Policy deployment failed due to "1 errors seen during populateGlobalSnapshot"
CSCwh40106	FTD hosted on KP incorrectly dropping decoded ESP packets if pre-filter action is analyze
CSCwh40294	ASA traceback due to panic event during SNMP configuration
CSCwh41126	FMC ACP report does not shows all the access control rules
CSCwh42077	Cisco_Firepower_GEODB_FMC_Update* are not included in diskmanager
CSCwh42412	FTD Block 9344 leak due to fragmented GRE traffic over inline-set interface inner-flow processing
CSCwh45450	2100: Interfaces missing from FTD after removing interfaces as members of a port-channel
CSCwh45935	Lina core observed in 6.4.0.17-22 in Kp with scaled traffic
CSCwh47053	ASA/FTD may traceback and reload in Thread Name 'dns_cache_timer'
CSCwh47701	ASA allows same BGP Dynamic routing process for Physical Data and management-only interfaces
CSCwh49244	"show aaa-server" command always shows the Average round trip time 0ms.
CSCwh53745	ASA: unexpected logs for initiating inbound connection for DNS query response
CSCwh57976	Improve CPU utilization in ssl inspection for supported signature algorithm handling
CSCwh58467	ASA does not sent 'warmstart' snmp trap
CSCwh59199	ASA/FTD traceback and reload with IPSec VPN, possibly involving upgrade
CSCwh60504	LINA would randomly generate a traceback and reload on FPR-1K
CSCwh60604	ASA/FTD may traceback and reload in Thread Name 'lina' while processing DAP data
CSCwh60631	Fragmented UDP packet via MPLS tunnel reassemble fail
CSCwh60783	FTD - Captive portal enabled is still running despite the feature is off
CSCwh62080	additional command outputs needed in FTD troubleshoot for blocks and ssl cache
CSCwh65128	LINA show tech-support fails to generate as part of sf_troubleshoot.pl (Troubleshoot file)
CSCwh66359	ASDM can not see log timestamp after enable logging timestamp on cli
CSCwh68482	FTD: Traceback and Reload in Process Name: lina
CSCwh68878	Diskmanager process terminated unexpectedly
CSCwh69156	FTD-HA does not fail over sometimes when snort3 crashes
CSCwh69346	ASA: Traceback and reload when restore configuration using CLI
CSCwh70323	Timestamp entry missing for some syslog messages sent to syslog server
CSCwh70481	Community string sent from router is not matching ASA
CSCwh71161	ASA\|FTD: Traceback & reload in thread Name: update_mem_reference
CSCwh71665	ASA traceback under match_partial_keyword during CPU profiling
CSCwh73727	Snort3 dropping IP protocol 51
CSCwh74586	XTLS: With TSID AC-Policy configured plugin is not disengaging immediately at CH
CSCwh75829	FMC Primary disk degraded error
CSCwh77348	ASA: Traceback and reload when executing the command "show nat pool detail" on a cluster setup
CSCwh79095	Snort generating an excessive number of snort-unified log files with zero bytes
CSCwh83254	ASA/FTD: Traceback and reload on thread name CP Crypto Result Processing
CSCwh84376	In FPR4200/FPR3100-cluster observed core file ?core.lina? observed on device reboot.
CSCwh91065	Lina Traceback : Thread Name: DATAPATH during session terminate
CSCwh91574	FTD: Traceback in threadname cli_xml_request_process
CSCwh92345	crypto_archive file generated after the software upgrade.
CSCwh92541	Random FTD snort3 traceback
CSCwh93710	Last Rule hit shows a hex value ahead of current time in ASA and ASDM
CSCwh95010	Unexpected traceback on thread name Lina and device experienced reboot
CSCwh95025	GTP connections, under certain circumstances do not get cleared on issuing clear conn.
CSCwh95175	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwh95277	FTD VMWARE 7.0.5 trackbacks due to system memory exhaustion
CSCwh96055	Management DNS Servers may be unreacheable if data interface is used as the gateway
CSCwh99331	syslog not generated "ASA-3-202010: NAT pool exhausted" while passing traffic from iLinux to oLinux
CSCwi01085	FTD VMWare tracebacks at PTHREAD-3587
CSCwi01381	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwi02134	FTD sends multiple replicated NetFlow records for the same flow event
CSCwi02754	FTD 1120 standby sudden reboot
CSCwi03407	Traceback on FP2140 without any trigger point.
CSCwi04351	FTD upgrade failling on script 999_finish/999_zz_install_bundle.sh
CSCwi11520	FTD OSPFV3 IPV6 Routing: FTD is sending unsupported extended LSA request to neighbor routers
CSCwi14896	Node kicked out of cluster while enabling or disabling rule profiling
CSCwi15409	ASA/FTD - may traceback and reload in Thread Name 'Unicorn Proxy Thread'
CSCwi15595	ASA traceback and reload during ACL configuration modification
CSCwi16998	CCM Seq 58 - LTS18
CSCwi18581	Firewall traceback and reload due to SSH thread
CSCwi18663	FMC-4600: Pre-Filter policy is showing as none
CSCwi19145	FTD/ASA may traceback and reload in PKI, syslog, during upgrade
CSCwi19485	Fail open snort-down is off in inline pairs despite it being enabled and deployed from FMC
CSCwi19849	VPN load-balancing cluster encryption using Phase 2 deprecated ciphers
CSCwi20045	ASA/FTD may traceback and reload in Thread Name 'lina' due to a watchdog in 9.16.3.23 code
CSCwi20848	ASA/FTD high memory usage due to SNMP caused by RAVPN OID polling
CSCwi20955	FTD with may traceback in data-path during deployment when enabling TAP mode
CSCwi21625	FailSafe admin password is not properly sync'd with system context enable pw
CSCwi26895	ASA SNMP OID cpmCPUTotalPhysicalIndex returning zero values instead of CPU index values
CSCwi27338	Stale asp entry for TCP 443 remains on standby after changing default port
CSCwi27402	FTD: Update WM firmware to 1023.0207
CSCwi27459	Snort Crash during selection of signature algorithm ECDSA
CSCwi31091	OSPF Redistribution route-map with prefix-list not working after upgrade
CSCwi31558	file-extracts.logs are not recognised by the diskmanager leading to High disk space
CSCwi31966	FTD ADI debugs may show incorrect server_group and/or realm_id for SAML-authenticated sessions
CSCwi32063	ASA/FTD: SSL VPN Second Factor Fields Disappear
CSCwi32759	Username-from-certificate secondary attribute is not extracted if the first attribute is missing
CSCwi33817	ASA/FTD: 'IKEv2 Negotiation aborted due to ERROR: Platform errors' during a rekey
CSCwi34125	ASA: Snmpwalk shows "No Such Instance" for the OID ceSensorExtThresholdValue
CSCwi34719	Unable to SSH into FTD device using External authentication with Radius
CSCwi36311	use kill tree function in SMA instead of SIGTERM
CSCwi38061	ASA/FTD traceback and reload due to file descriptor limit being exceeded
CSCwi40193	Hairpinning of DCE/RPC traffic during the suboptimal lookup
CSCwi40487	FTD HA Failure after SNORT crash.
CSCwi40536	ASA/FTD: Traceback and reload when running show tech and under High Memory utilization condition
CSCwi42962	installing GeoDB country code package update to FMC does not automatically push updates to FTDs
CSCwi42992	ASA/FTD may traceback and reload in Thread Name IKEv2 Daemon
CSCwi43782	GTP inspection dropping packets with IE 152 due to header length being invalid for IE type 152
CSCwi44208	low memory/stress causing traceback in SNMP
CSCwi46010	ASA/FTD: Cluster incorrectly generating syslog 202010 for invalid packets destined to PAT IP
CSCwi46023	FTD drops double tagged BPDUs.
CSCwi48699	ASA traceback and reload on Thread Name: pix_flash_config_thread
CSCwi49884	TCP MSS is changed back to the default value when a VTI or loopback interface is created
CSCwi50343	Their standalone FTD running 7.2.2 on FPR-4112 experienced a traceback on the SNMP module
CSCwi53150	Service object-group protocol type mismatch error seen while access-list referencing already
CSCwi53431	Unable to Synch more then 100 environment-data with data unit
CSCwi55938	The "show asp drop" command usage requires better updates for cluster-related drops
CSCwi56048	Interface fragment queue may get stuck at 2/3 of fragment database size
CSCwi59525	Multiple lina cores on 7.2.6 KP2110 managed by cdFMC
CSCwi59831	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwi60285	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwi63113	Null pointer dereference in SNMP that results in traceback and reload
CSCwi63743	ASA/FTD may traceback and reload in Thread Name "appAgent_monitor_nd_thread" & Rip: _lina_assert.
CSCwi64829	traceback and reload around function HA
CSCwi65116	DHCPv6:ASA traceback on Thread Name: DHCPv6 CLIENT.
CSCwi66103	Lina traceback on RAVPN connection after enabling webvpn debug
CSCwi66676	ASA/FTD may traceback and reload in Thread Name 'webvpn_task'
CSCwi74214	ASA/FTD traceback and reload in Thread Name: IKEv2 Daemon when moving from active to standby HA
CSCwi75198	Standby FTD experiencing periodic traceback and reload
CSCwi75967	CCM ID 62 - LTS18
CSCwi76002	Memory exhaustion due to absence of freeing up mechanism for tmatch
CSCwi76361	Transparent firewall MAC filter does not capture frames with STP-UplinkFast dst MAC consistently
CSCwi76630	FP2100/FP1000: ASA Smart licenses lost after reload
CSCwi79042	FTD/Lina traceback and reload of HA pairs, in data path, after adding NAT policy
CSCwi79703	Incorrect Timezone Format on FTD When Configured via FXOS
CSCwi80465	CCM ID 63 - LTS18
CSCwi84615	some stdout logs not rotated by logrotate
CSCwi86198	SFData correlator keep terminating on FTDs configured for IDS
CSCwi86503	File sizes larger than 100MB for AnyConnect/Secure Client images cannot be uploaded on FMC
CSCwi87382	Traceback and reload on Primary unit while running debugs over the SSH session
CSCwi90040	Cisco ASA and FTD Software Command Injection Vulnerability
CSCwi90371	ASA:request to add "logging list" option to the "logging history" command.
CSCwi90399	FTD/ASA system clock resets to year 2023
CSCwi90571	Access to website via Clientless SSL VPN Fails
CSCwi95228	"crypto ikev2 limit queue sa_init" resets after reboot
CSCwi95708	FTD: Hostname Missing from Syslog Message
CSCwi95994	Chromium-based browsers have SSL connection conflicts when FIPS CC is enabled on the firewall.
CSCwi97839	FTD traceback assert in vni_idb_get_mode and reloaded
CSCwi98284	Cisco ASA and FTD Software Persistent Local Code Execution Vulnerability
CSCwj02505	ASA Checkheaps traceback while entering same engineID twice
CSCwj09110	Upload files through Clientless portal is not working as expected after the ASA upgrade
CSCwj10955	Cisco ASA and FTD Software Web Services Denial of Service Vulnerability
CSCwj12131	Bailout when lina_io_write fails persistent with EPIPE errno.

Resolved Bugs in Version 7.0.6.1

Table last updated: 2024-05-22

Table 4. Resolved Bugs in Version 7.0.6.1
Bug ID	Headline
CSCvt25221	FTD traceback in Thread Name cli_xml_server when deploying QoS policy
CSCvx04003	Lack of throttling of ARP miss indications to CP leads to oversubscription
CSCvx54562	High System Overhead memory on FTD
CSCvy81493	traceback and reload with 'CHECKHEAPS HAS DETECTED A MEMORY CORRUPTION'
CSCvz07439	Smart Lic Agent stuck in waiting state after failover and continuously switches from lock and unlock
CSCwa70323	Unable to push extra domains >1024 Character, as part of Custom Attribute under Anyconnect VPN
CSCwc78781	ASA/FTD may traceback and reload during ACL changes linked to PBR config
CSCwc82205	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwd10822	Failover trigger due to Inspection engine in other unit has failed due to disk failure
CSCwd28037	TPK: No nameif during traffic causes the device traceback, lina core is generated.
CSCwd38583	ASA/FTD: Command "no snmp-server enable oid mempool" enabled by default or enforced during upgrades
CSCwd66820	Cisco Firepower Management Center Object Group Access Control List Bypass Vulnerability
CSCwd83141	CCL/CLU filters are not working correctly
CSCwd89095	Stratix5950 and ISA3000 LACP channel member SFP port suspended after reload
CSCwe04043	FTD-HA upgrade failed
CSCwe12705	multimode-tmatch_df_hijack_walk traceback observed during shut/unshut on FO connected switch interfa
CSCwe28407	LINA traceback with icmp_thread
CSCwe28912	FPR 4115- primary unit lost all HA config after ftd HA upgrade
CSCwe42061	Deleting a BVI in FTD interfaces is causing packet drops in other BVIs
CSCwe51443	ASA Evaluation of OpenSSL vulnerability CVE-2022-4450
CSCwe67816	ASA / FTD Traceback and reload when removing isakmp capture
CSCwe74089	ASA/FTD may traceback and reload in Thread Name DATAPATH-1-1656
CSCwe79051	Deployment for eigrp / bgp change may cause temporary outage during policy apply
CSCwe82704	PortChannel sub-interfaces configured as data/data-sharing, in multi-instance HA go into "waiting"
CSCwe83255	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwe86225	ASA/FTD traceback and reload due citing thread name: cli_xml_server in tm_job_add
CSCwf04460	The fxos directory disappears after cancel show tech fprm detail command with Ctr+c is executed .
CSCwf05295	FTD running on FP1000 series might drop packets on TLS flows after the "Client Hello" message.
CSCwf10910	FTD : Traceback in ZMQ running 7.3.0
CSCwf14126	ASA Traceback and reload citing process name 'lina'
CSCwf15902	ASAv in Hyper-V drops packets on management interface
CSCwf16559	getReadinessStatusTaskList pjb request is very frequent when user in Upgrade sensor list page
CSCwf17042	ASDM replaces custom policy-map with default map on class inspect options at backup restore.
CSCwf22005	ASA Packet-tracer displays the first ACL rule always, though matches the right ACL
CSCwf22637	Network Object Group overrides not visible or be edited from FMC GUI
CSCwf25144	FMC backup management page showing "Verifying Backup" for FTD sensors.
CSCwf26407	FP2130- Unable to disassociate member from port channel, deployment fails, member is lost on FTD/FMC
CSCwf26534	ASA/FTD: Connection information in SIP-SDP header remains untranslated with destination static Any
CSCwf33904	[IMS_7_4_0] - Virtual FDM Upgrade fails: HA configStatus='OUT_OF_SYNC after UpgradeOnStandby
CSCwf34500	FTD: GRE traffic is load balanced between CPU cores
CSCwf35207	ASA: Traceback and reload while updating ACLs on ASA
CSCwf35233	Cisco Adaptive Security Appliance Software and Firepower Threat Defense DoS
CSCwf35573	Traffic may be impacted if TLS Server Identity probe timeout is too long
CSCwf39163	ASAv - High latency is experienced on Azure environment for ICMP ping packets while running snmpwalk
CSCwf43537	Lina crash in thread name: cli_xml_request_process during FTD cluster upgrade
CSCwf44537	99.20.1.16 lina crash on nat_remove_policy_from_np
CSCwf47227	Priority-queue command causes silent egress packet drops on all port-channel interfaces
CSCwf48599	VPN load-balancing cluster encryption using deprecated ciphers
CSCwf49573	ASA/FTD: Traceback and reload when issuing 'show memory webvpn all objects'
CSCwf50497	DNS cache entry exhaustion leads to traceback
CSCwf52810	ASA SNMP polling not working and showing "Unable to honour this request now" on show commands
CSCwf54418	Reduce time taken to clear stale IKEv2 SAs formed after Duplicate Detection
CSCwf54510	ASA traceback and reload on Thread Name: DHCPRA Monitor
CSCwf56811	ASA Traceback & reload on process name lina due to memory header validation
CSCwf59176	FXOS raises a fault for administratively disabled management interface
CSCwf60311	ASA generating traceback with thread-name: DATAPATH-53-18309 after upgrade to 9.16.4.19
CSCwf60590	"show route all summary" executed on transparent mode FTD is causing CLISH to become Sluggish.
CSCwf62729	7.0.6 - Lina Crash in RAVPN interface with anomaly traffic in both non-FIPS and FIPS mode
CSCwf63872	FTD taking longer than expected to form OSPF adjacencies after a failover switchover
CSCwf69901	FTD: Traceback and reload during OSPF redistribution process execution
CSCwf72434	Add meaningful logs when the maximums system limit rules are hit
CSCwf73773	Dumping of last 20 rmu request response packets failed
CSCwf77191	ASA appliance mode - 'connect fxos [admin]' will get ERROR: failed to open connection.
CSCwf78321	ASA: Checkheaps traceback and reload due to Clientless WebVPN
CSCwf81058	FTD: Firepower 3100 Dynamic Flow Offload showing as Enabled
CSCwf82247	Policy deployment fails when a route same prefix/metric is configured in a separate VRF.
CSCwf92135	ASA: Traceback and reload on Tread name "fover_FSM_thread" and ha_ntfy_prog_process_timer
CSCwf92182	Cisco Firepower Management Center Software SQL Injection Vulnerability
CSCwf92646	ECDSA Self-signed certificate using SHA384 for EC521
CSCwf94677	"failover standby config-lock" config is lost after both HA units are reloaded simultaneously
CSCwf95147	OSPFv3 Traffic is Centralized in Transparent Mode
CSCwf95288	FPR1k Switchport passing CDP traffic
CSCwh04365	ASA Traceback & reload on process name lina due to memory header validation - webvpn side fix
CSCwh04395	ASDM application randomly exits/terminates with an alert message on multi-context setup
CSCwh04730	ASA/FTD HA checkheaps crash where memory buffers are corrupted
CSCwh06452	Interface speed mismatch in SNMP response using OID .1.3.6.1.2.1.2.2
CSCwh08403	FMC HA - Health Policy - Applied count shows "0" appliance
CSCwh08481	ASA traceback on Lina process with FREEB and VPN functions
CSCwh11764	ASA/FTD may traceback and reload in Thread Name "RAND_DRBG_bytes" and CTM function on n5 platforms
CSCwh12987	Large SMB servers result in timeouts returning verdicts between FMC and FTD devices
CSCwh13821	ASA/FTD may traceback and reload in when changing capture buffer size
CSCwh14467	File sizes bigger than 100MB for AnyConnect/Secure Client images cannot be uploaded on FMC
CSCwh14597	ASA/FTD residual free
CSCwh16301	Incorrect Hit count statistics on ASA Cluster only for Cluster-wide output
CSCwh20002	Standby FMC is not getting updated with latest GEO DB package
CSCwh21141	The FMC preview deployment shows a wrong information.
CSCwh23100	Cisco ASA and FTD Software Remote Access VPN Unauthorized Access Vulnerability
CSCwh23567	PAC Key file missing on standby on reload
CSCwh25668	ASA 55xx devices running 7.0.6 show up as 100% usage on CPU01 [LINA]
CSCwh27230	Connections are not cleared after idle timeout when the interfaces are in inline mode.
CSCwh28144	Specific OID 1.3.6.1.2.1.25 should not be responding
CSCwh30891	ASA/FTD may traceback and reload in Thread Name 'ssh' when adding SNMPV3 config
CSCwh31495	FTD - Traceback and reload due to nat rule removed by CPU core
CSCwh32118	ASDM management-sessions quota reached due to HTTP sessions stuck in CLOSE_WAIT
CSCwh37475	Removal of msie-proxy commands during flexconfig rollback
CSCwh41127	ASA/FTD: NAT64 error "overlaps with inside standby interface address" for Standalone ASA
CSCwh45108	Cisco ASA and FTD Software Remote Access VPN Unauthorized Access Vulnerability
CSCwh49483	ASA/FTD may traceback and reload while running show inventory all
CSCwh50060	Some TLS1.3 probes test site cases fail due to rst+ack not sent out of FTD during timeout
CSCwh52420	AMP Cloud look up timeout frequently.
CSCwh56945	SFDataCorrelator crashing repeatedly in RNA_DB_InsertServiceInfo
CSCwh64508	Fixing the regression caused while handling web UI is not getting FTDv Variable
CSCwh69209	Prefilter cannot add Tunnel Endpoints in Tunnel Rule on FMC
CSCwh69815	FTDvs through put got changed to 100Kbps after upgrade

Resolved Bugs in Version 7.0.6

Table last updated: 2024-05-22

Table 5. Resolved Bugs in Version 7.0.6
Bug ID	Headline
CSCvo58100	Incorrect validation msg - Invalid value supplied for input parameter : "?"
CSCvq20057	Improve logging of Secure Firewall (Firepower)backups and retry for gzip when using remote storage
CSCvq25866	Flex config Preview of $SYS_FW_ENABLED_INSPECT_PROTOCOL_LIST throws error
CSCvr45136	Adding details and logs when gzip fails and results in backup failure
CSCvs27336	Traceback on ASA by Smart Call Home process
CSCvt35116	Cisco Firepower Management Center Software Information Disclosure Vulnerability
CSCvu24703	FTD - Flow-Offload should be able to coexist with Rate-limiting Feature (QoS)
CSCvu96436	Traceback of master and one slave when a particular lock is contended for long
CSCvv59757	FMC event report generation fails if one is already running
CSCvw82067	ASA/FTD 9344 blocks depleted due to high volume of fragmented traffic
CSCvx04436	Forbidden to run multiple SFDaCo processes, but pidfile not successful at blocking second instance
CSCvx21458	FMC shows error when editing prefix-list attached to active route-map within BGP protocol
CSCvx24207	FQDN Object Containing IPv4 and IPv6 Addresses Only Install IPv6 Entries
CSCvx27744	Policy deployment may fail on FTD after 6.6.1 due to failure to get version upgrade information
CSCvx36885	ASA Traceback & reload in thread Name: DATAPATH
CSCvx52042	Upgrade to 6.6.1 got failed at 800_post/1025_vrf_policy_upgrade.pl
CSCvx55978	Performance Degradation in GetGroupDependency API
CSCvx56021	FTD: CTS SGT propagation gets enabled after reload
CSCvx59181	Email/SNMP/Syslog Health Alerts are not sent out of fmc for cpu and mem
CSCvx65032	FMC ACL Search Move arrows do not work
CSCvx67856	Prometheus process doesnt come up when system ungracefully rebooted
CSCvx71936	FXOS: Fault "The password encryption key has not been set." displayed on FPR1000 and FPR2100 devices
CSCvx97723	hmdaemon process restart during automation test
CSCvy12991	Chassis local date and time may drift back to midnight Jan 1 2015 after reboot
CSCvy16537	Some externalization columns do not match any data when used in where clause
CSCvy24435	FMC GUI can be accessed by an expired password when using .cgi with https://FMCIP/login.cgi
CSCvy26511	Tune unmanaged disk alert thresholds for low end platforms
CSCvy26676	"Warning:Update failed/in-progress." Cosmetic after successful update
CSCvy33879	FTD: repair_users.pl creates rogue .firstboot file that causes FTD reboot failure
CSCvy35737	FTD traceback and reload during anyconnect package verification
CSCvy40493	Selective policy deployment of AC Policy does not export to ngfw.rules
CSCvy50598	BGP table not removing connected route when interface goes down
CSCvy50797	Policy deployment may fail if platform settings contain DH group1 for SSL
CSCvy52617	FMC6.7 changes IPSec Profiles on VTI with each deployment resulting in tunnel flap
CSCvy55676	FMC Deployment failed due to internal errors
CSCvy57905	VTI tunnel interface stays down post reload on KP/WM platform in HA
CSCvy63414	Deploy Preview & Rollback not working when config archival is corrupted
CSCvy65178	Need dedicated Rx rings for to the box BGP traffic on Firepower platform
CSCvy65770	ASA/FTD: Traceback and reload during BGP route update
CSCvy67765	FTD VTI reports TUNNEL_SRC_IS_UP false despite source interface is up/up and working
CSCvy73130	FP4100 platform: Active-Standby changed to dual Active after running "show conn" command
CSCvy84336	Add a warning when member interfaces of the port-channel are different between active and standby
CSCvy86817	Cruz ASIC CLU filter has the incorrect src/dst IP subnet when a custom CCL IP subnet is set
CSCvy88023	FP2100 coredumps do not display the original crashing thread
CSCvy90836	ASA Traceback and reload in Thread Name: SNMP ContextThread
CSCvy91668	PAT pool exhaustion with stickiness traffic could lead to new connection drop.
CSCvy98458	FP21xx -traceback "Panic:DATAPATH-10-xxxx -remove_mem_from_head: Error - found a bad header"
CSCvz07712	Deployment fails with internal_errors - Cannot get fresh id
CSCvz09106	Cisco ASA and FTD Software SSL VPN Denial of Service Vulnerability
CSCvz10428	FMC Health monitoring standby FMC unit does not have data displayed for CPU
CSCvz20679	FTDv - Lina Traceback and reload
CSCvz22668	FMC backup restoration may fail due to VMS database restoration failure
CSCvz24765	device rebooted with snmpd core
CSCvz28145	Error "Another operation by another user prevented this operation. Please retry after sometime."
CSCvz29656	FMC connection event search causing high memory utilization for index.cgi
CSCvz29976	Malware event processing may misbehave with "already part of another table" error
CSCvz34289	In some cases transition to lightweight proxy doesn't work for Do Not Decrypt flows
CSCvz36903	ASA traceback and reload while allocating a new block for cluster keepalive packet
CSCvz37306	ASDM session is not served for new user after doing multiple context switches in existing user
CSCvz38332	FTD/ASA - Stuck in boot loop after upgrade from 9.14.2.15 to 9.14.3
CSCvz38692	ASAv traceback in snmp_master_callback_thread and reload
CSCvz39646	ASA/AnyConnect - Stale RADIUS sessions
CSCvz40098	FTD HA: Health Monitor page shows "Error in fetching device details Error: validation failed"
CSCvz40245	Firepower bandwidth_analyzer tool calculates results in MBps instead of Mbps
CSCvz41551	FP2100: ASA/FTD with threat-detection statistics may traceback and reload in Thread Name 'lina'
CSCvz42065	IPS policy should be imported when its referred in Access Control policy
CSCvz42553	Alarm: Health Alert Smart Licensing Agent not running
CSCvz43414	Internal ldap attribute mappings fail after HA failover
CSCvz43455	ASAv observed traceback while upgrading hostscan
CSCvz44339	FTD - Deployment will fail if you try to delete an SNMP host with ngfw-interface and host-group
CSCvz48407	Traceback and reload in Thread Name: DATAPATH-15-18621
CSCvz49163	Observed some time drift in seconds in the output when we execute show rule hits multiple times
CSCvz50712	TLS server discovery uses incorrect source IP address for probes in AnyConnect deployment
CSCvz51175	FTD HA not forming when SNMP adminState is disabled
CSCvz53142	ASA does not use the interface specified in the name-server command to reach IPv6 DNS servers
CSCvz53372	Snort goes into D state after executing "config log-events-to-ramdisk disable"
CSCvz54318	Policy deployment failure: "No LSP package found in the active lsp directory"
CSCvz55302	FTD/ASA Traceback and reload due to SSL null checks under low memory conditions
CSCvz55395	TCP connections are cleared after configured idle-timeout even though traffic is present
CSCvz57710	conf t is converted to disk0:/t under context-config mode
CSCvz58710	ASA traceback due to SCTP traffic.
CSCvz60142	ASA/FTD stops serving SSL connections
CSCvz61160	ASA traceback on DATAPATH when handling ICMP error message
CSCvz61477	RAVPN Authorization fails if same RADIUS server is used as authentication and authorization server
CSCvz62653	ASA memory leak resulting in error messages and causing tracebacks
CSCvz64470	ASA/FTD Traceback and reload due to memory corruption when generating ICMP unreachable message
CSCvz66236	Threshold mis-behavior of "-1" after configuring Type:Both for specific rule
CSCvz67003	ASDM session count and quota management's count mismatch. 'Lost connection firewall' msg in ASDM
CSCvz68713	PLR license reservation for ASAv5 is requesting ASAv10
CSCvz69571	ASA log shows wrong value of the transferred data after the anyconnect session terminated.
CSCvz69729	Unstable client processes may cause LINA zmqio traceback on FTD
CSCvz70316	LINA may generate traceback and reload
CSCvz70595	Cisco ASA Software and FTD Software Web Services Interface Denial of Service Vulnerability
CSCvz71340	observed snort3 core on xTLSServerKeyExchangeProcessor
CSCvz71542	No messages displayed on the console for any inserted SFP cable after removal.
CSCvz71596	"Number of interfaces on Active and Standby are not consistent" should trigger warning syslog
CSCvz73709	ASA/FTD Standby unit fails to join HA
CSCvz75988	Inconsistent logging timestamp with RFC5424 enabled
CSCvz76652	Proxy URI URL for URL Filtering (beaker service) includes encoded user/password strings
CSCvz77213	FTD: show ntp shows managing DC even though NTP sync is done via FXOS
CSCvz77662	Crash at data-path from Scaled AC-SSL TVM Profile test.
CSCvz77744	OSPFv3: FTD Wrong "Forwarding address" added in ospfv3 database
CSCvz78548	Unable to load Devices --> Certificates page
CSCvz81480	Cisco ASA Software and FTD Software IPsec IKEv2 VPN Information Disclosure Vulnerability
CSCvz81513	FMC - Backup failing due to "CSM backup failed"
CSCvz84850	ASA/FTD traceback and reload caused by "timer services" function
CSCvz85493	FTD backup.log increased size out of control to 50GB or more causing /ngfw to 100% full
CSCvz88020	ASAv: coredumpfsys is formatted during bootup
CSCvz91396	FTD: Deployment will fail when AC Policy is huge
CSCvz94841	Grammatical errors in failover operating mode mismatch error message
CSCvz97196	Can't create Flexconfig Object with ldap-naming-attribute pager cause pager is block.
CSCwa03341	Standby's sub interface mac doesn't revert to old mac with no mac-address command
CSCwa04262	Cisco ASA Software SSL VPN Client-Side Request Smuggling Vulnerability via "/"URI
CSCwa27253	FMC : Device Listing Page Slowness
CSCwa27488	Fail to import with error "is not a table"
CSCwa31488	FDM High Availability cannot be created using Etherchannel as failover interface.
CSCwa32956	Connection events are not sent to Firepower Management Center due to deploy race condition
CSCwa35596	Registered devices may miss on standby FMC due to AnyConnect HostScan class files sync failure
CSCwa36535	Standby unit failed to join failover due to large config size.
CSCwa41936	Cisco FTD Bleichenbacher Attack Vulnerability
CSCwa43311	Snort blocking and dropping packet, with bigger size(1G) file download
CSCwa45369	Execution of commands appears to result in a new zombie process
CSCwa47737	ASA/FTD may hit a watchdog traceback related to snmp config writing
CSCwa49480	SNMP OID , stop working after around one hour and a half - FTD
CSCwa59907	LINA observed traceback on thread name "snmp_client_callback_thread"
CSCwa61361	ASAv traceback when SD_WAN ACL enabled, then disabled (or vice-versa) in PBR
CSCwa62025	IPv6: Some of egress interfaces of global and user vrf routes are missing in asp table
CSCwa68004	FMC 7.0 FlexConfig blocked mac-address-table aging-time for transparent FTD without any alternativ
CSCwa68552	All type-8 passwords are lost upon upgrade from ASA 9.12-9.15 to 9.16, failover gets disabled
CSCwa72481	API key corrupted for FMC with multiple interfaces
CSCwa72528	user-name from certificate feature does not work with SER option
CSCwa72530	FTD: Time gap/mismatch seen when new node joins a Cluster Control node under history
CSCwa72929	SNMPv3 polling may fail using privacy algorithms AES192/AES256
CSCwa73172	ASA reload and traceback in Thread Name: PIX Garbage Collector
CSCwa75966	ASA: Reload and Traceback in Thread Name: Unicorn Proxy Thread with Page fault: Address not mapped
CSCwa79604	Infinitely running jobs in the task list
CSCwa79905	FMC NAT Policy report generation does not record the rules every 51*x
CSCwa82850	ASA Failover does not detect context mismatch before declaring joining node as "Standby ready"
CSCwa87298	ASA conn data-rate: incorrect "current rate" and "data-rate-filter" doesn't work properly
CSCwa89116	Clean up session index handling in IKEv2/SNMP/Session-mgr for MIB usage
CSCwa89560	NAT rule modification after rule search changes rule order
CSCwa94440	syncd process exits due to invalid GID and database synchronization issue
CSCwa95079	ASA/FTD Traceback and reload due to NAT configuration
CSCwa96860	Failover high convergence causes traffic failures
CSCwa96920	ASA/FTD may traceback and reload in process Lina
CSCwa97423	Deployment rollback causes brief traffic drop due to order of operations
CSCwa97917	ISA3000 in boot loop after powercycle
CSCwa99931	ASA/FTD: Tuning of update_mem_reference process
CSCwb00871	ENH: Reduce latency in log_handler_file to reduce watchdog under scale or stress
CSCwb02060	snmp-group host with Invalid host range and subnet causing traceback and reload
CSCwb02955	Modify /800_post/1027_ldap_external_auth_fix.pl to not fail FMC upgrade when objects are corrupt
CSCwb03702	SSH: missing null pointer check leading to snort traceback and reload
CSCwb03704	ASA/FTD datapath threads may run into deadlock and generate traceback
CSCwb04000	ASA/FTD: DF bit is being set on packets routed into VTI
CSCwb04975	FTD Snort3 traceback in daq-pdts while handling FQDN based traffic
CSCwb05148	Cisco ASA Software and FTD Software SNMP Denial of Service Vulnerability
CSCwb05291	Cisco ASDM and ASA Software Client-side Arbitrary Code Execution Vulnerability
CSCwb05920	Crash in KP at webVpn free, HTTPCleanUp and mem_mh_free from Scaled AC-IK/IPSec TVM test.
CSCwb06575	Windows 11 OS is not selectable when creating a DAP record via FMC
CSCwb06847	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-9-11543'
CSCwb07908	Standby FTD/ASA sends DNS queries with source IP of 0.0.0.0
CSCwb07981	Traceback: Standby FTD reboots and generates crashinfo and lina core on thread name cli_xml_server
CSCwb08189	Microsoft update traffic blocked with Snort version 3 Malware inspection
CSCwb08644	ASA/FTD traceback and reload at IKEv2 from Scaled S2S+AC-DTLS+SNMP long duration test
CSCwb09606	FP2100: ASA/FTD high availability is not resilient to unexpected lacp process termination
CSCwb10874	Ensure DB consistency when synchronizing users
CSCwb12476	vm_max size for MonetDB is not set programmatically, which can lead to a setting of zero
CSCwb16037	Unable to replace the anyconnect image when maximum memory used for anyconnect images.
CSCwb16920	CPU profile cannot be reactivated even if previously active memory tracking is disabled
CSCwb17187	SNMP cores are generated every minute while running snmpwalk on HA
CSCwb17963	Unable to identify dynamic rate liming mechanism & not following msg limit per/sec at syslog server.
CSCwb19387	ASA SNMP Poll is failing & show display "Unable to honour this request now.Please try again later."
CSCwb19648	SNMP queries for crasLocalAddress are not returning the assigned IPs for SSL/DTLS tunnels.
CSCwb20206	FTD: Logs and Debugs for SSL/TLS traffic drop due to NAP in Detection Mode
CSCwb22592	SSH Functionalty stopped working after running long duration tests of SCP + Scaled TVM VPN Profiles
CSCwb24039	ASA traceback and reload on routing
CSCwb24306	duplicate log entry for /mnt/disk0/log/asa_snmp.log
CSCwb25809	Single Pass - Traceback due to stale ifc
CSCwb28123	FTD HA deployment fails with error "Deployment failed due to major version change on device"
CSCwb28427	ssl rule with appid condition may get matched incorrectly, potentially causing connection failure
CSCwb31551	When inbound packet contains SGT header, FPR2100 cannot distribute properly per 5 tuple
CSCwb31699	Primary takes active role after reload
CSCwb32267	Crash on KP Active node while clearing vpnsessiondb with AnyConnect-SSL TVM Profile running
CSCwb32721	Syslog IDs 725021 and 725022 are not listed as valid IDs
CSCwb32790	Replace log4j with slf4j
CSCwb32841	NAT (any,any) statements in-states the failover interface and resulting on Split Brain events
CSCwb38961	Bootstrap After Upgrade failed due to Duplicate Key of Network Object
CSCwb40001	Long delays when executing SNMP commands
CSCwb41739	debug crypto conditional need to be made multi-ctx aware
CSCwb43018	Implement SNP API to check ifc and ip belongs to HA LU or CMD interface
CSCwb43433	Jumbo frame performance has degraded up to -45% on Firepower 2100 series
CSCwb43629	License and rule counts telemetry data incorrectly generated for HA managed devices
CSCwb44848	ASA/FTD Traceback and reload in Process Name: lina
CSCwb46481	SNMPv3 not working after upgrade of FMC
CSCwb50405	ASA/FTD Traceback in crypto hash function
CSCwb51707	ASA Traceback and reload in process name: lina
CSCwb51821	Disk usage errors on Firepower Azure device due to large backup unified files under ngfw directory
CSCwb52401	Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability
CSCwb53172	FTD: IKEv2 tunnels flaps every 24 hours and crypto archives are generated
CSCwb53191	Certificate validation fails post upgrade to 9.17.1
CSCwb53328	ASA/FTD Traceback and reload caused by Smart Call Home process sch_dispatch_to_url
CSCwb54791	ASA DHCP server fails to bind reserved address to Linux devices
CSCwb56905	ASA blocking 0.0.0.0 IP and netmask combination in SSH/TELNET/HTTP config
CSCwb57213	FTD - Unable to resolve DNS when only diagnostic interface is used for DNS lookups
CSCwb57615	Configuring pbr access-list with line number failed.
CSCwb58554	Resumed SSL sessions with uncached tickets may fail to complete
CSCwb58817	FMC Deploying negative and positive form of BGP password command across deployments
CSCwb59218	Unable to save DAP Endpoint Criteria as "Disabled"
CSCwb59465	ASA/FTD may traceback (watchdog) and reload when generating a syslog from the VPN Failover subsystem
CSCwb59488	ASA/FTD Traceback in memory allocation failed
CSCwb61402	FMC: LDAP shell login may fail if LDAP server is slow to query the DNS servers for users
CSCwb64551	FMC Backup failure- Monetdb backup failure code 102
CSCwb66761	Cisco Firepower Threat Defense Software Generic Routing Encapsulation DoS Vulnerability
CSCwb67040	FP4112\|4115 Traceback & reload on Thread Name: netfs_thread_init
CSCwb68642	ASA traceback in Thread Name: SXP CORE
CSCwb69503	ASA unable to configure aes128-gcm@openssh.com when FIPS enabled
CSCwb71460	ASA traceback in Thread Name: fover_parse and triggered by snmp related functions
CSCwb73248	FW traceback in timer infra / netflow timer
CSCwb74571	PBR not working on ASA routed mode with zone-members
CSCwb76423	ASA/FTD traceback and reload when checking CRL
CSCwb78323	Update diskmanager to monitor cisco_uridb files in /ngfw/var/sf/cloud_download folder.
CSCwb79812	RIP is advertising all connected Anyconnect users and not matching route-map for redistribution
CSCwb80559	FTD offloads SGT tagged packets although it should not
CSCwb80862	ASA/FTD proxy arps any traffic when using the built-in 'any' object in translated destination
CSCwb82796	ASA/FTD firewall may traceback and reload when tearing down IKE tunnels
CSCwb83388	ASA HA Active/standby tracebacks seen approximately every two months.
CSCwb83691	ASA/FTD traceback and reload due to the initiated capture from FMC
CSCwb84901	CIAM: heimdal 1.0.1
CSCwb85633	Snmpwalk output of memory does not match show memory/show memory detail
CSCwb86118	TPK ASA: Device might get stuck on ftp copy to disk
CSCwb87498	Lina traceback and reload during EIGRP route update processing.
CSCwb87950	Cisco ASA Software and FTD Software Web Services Interface Denial of Service Vulnerability
CSCwb88406	FMC-HA upgrade failure due to presence of this file "update.status"
CSCwb88651	Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwb88729	FTD - %FTD-3-199015: port-manager: Error: DOM Block Read failure, port X, st = X log false/positive
CSCwb89963	ASA Traceback & reload in thread name: Datapath
CSCwb90074	ASA: Multiple Context Mixed Mode SFR Redirection Validation
CSCwb90532	ASA/FTD traceback and reload on NAT related function nat_policy_find_location
CSCwb91101	SNMP interface threshold doesn't trigger properly when traffic sent to interface ~4gbps
CSCwb91598	copying FMC backup to remote storage will fail if FMC has never connected via SSH/SCP to remote host
CSCwb92709	We can't monitor the interface via "snmpwalk" once interface is removed from context.
CSCwb93932	ASA/FTD failover pair traceback and reload due to connection replication race condition
CSCwb94190	ASA graceful shut down when applying ACL's with forward reference feature and FIPS enabled.
CSCwb94312	Unable to apply SSH settings to ASA version 9.16 or later
CSCwb95453	ASA: The timestamp for all logs generated by Admin context are the same
CSCwb97251	ASA/FTD may traceback and reload in Thread Name 'ssh'
CSCwb97486	FPR3100: 25G optic may show link up on some 1/10G capable only fiber ports
CSCwb99375	Config sync fails for command "quit"
CSCwc00115	FTD registration fails on on-prem FMC
CSCwc02488	ASA/FTD may traceback and reload in Thread Name 'None'
CSCwc02700	Fragmented packets are dropped when unit leaves cluster
CSCwc03069	Interface internal data0/0 is up/up from cli but up/down from SNMP polling
CSCwc03332	FTD on FP2100 can take over as HA active unit during reboot process
CSCwc03507	No-buffer drops on Internal Data interfaces despite little evidence of CPU hog
CSCwc05434	FMC shows 'File Not Stored' after download a file
CSCwc07015	snort3 crash due to NULL pointer in TLS Client Hello Evaluation
CSCwc07262	Standby ASA goes to booting loop during configuration replication after upgrade to 9.16(3).
CSCwc08374	Azure ASA NIC MAC address for Gigeth 0/1 and 0/2 become out of order when adding interfaces
CSCwc09414	ASA/FTD may traceback and reload in Thread Name 'ci/console'
CSCwc10483	ASA/FTD - Traceback in Thread Name: appAgent_subscribe_nd_thread
CSCwc10792	ASA/FTD IPSEC debugs missing reason for change of peer address and timer delete
CSCwc11511	FTD: SNMP failures after upgrade to 7.0.2
CSCwc11597	ASA tracebacks after SFR was upgraded to 6.7.0.3
CSCwc11663	ASA traceback and reload when modifying DNS inspection policy via CSM or CLI
CSCwc13017	FTD/ASA traceback and reload at at ../inspect/proxy.h:439
CSCwc13477	FMC \| Interface update Failed. Could not find source interface
CSCwc13994	ASA - Restore not remove the new configuration for an interface setup after backup
CSCwc18285	Conn data-rate command can be enabled or disabled in unprivileged user EXEC mode
CSCwc18312	"show nat pool cluster" commands run within EEM scripts lead to traceback and reload
CSCwc18524	ASA/FTD Voltage information is missing in the command "show environment"
CSCwc18668	Failed user login on FMC does not record entry in audit log when using external authentication
CSCwc19124	FMC Deployment does not start for cluster devices
CSCwc22170	Issue with snort perfstat parsing / Hmdeamon not starting after disk full reported
CSCwc23356	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-20-7695'
CSCwc23695	ASA/FTD can not parse UPN from SAN field of user's certificate
CSCwc23844	ASAv high CPU and stack memory allocation errors despite over 30% free memory
CSCwc24906	ASA/FTD traceback and reload on Thread id: 1637
CSCwc26648	ASA/FTD Traceback and Reload in Thread name Lina or Datatath
CSCwc27424	Unable to removed not used SAL On-Premise FMC configuration
CSCwc27797	ASA mgmt ip cannot be released
CSCwc27846	Traceback and Reload while HA sync after upgrading and reloading.
CSCwc28334	Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwc28532	9344 Block leak due to fragmented GRE traffic over inline-set interface inner-flow processing
CSCwc28806	ASA Traceback and Reload on process name Lina
CSCwc28928	ASA: SLA debugs not showing up on VTY sessions
CSCwc30573	Deployment/Tasks Button not seen FMC_UI while doing upgrade tests configured in Light theme
CSCwc32245	FMC: Validation check to prevent exponential expansion of NAT rules
CSCwc32246	NAT64 translates all IPv6 Address to 0.0.0.0/0 when object subnet 0.0.0.0 0.0.0.0 is used
CSCwc33036	Observed Logs at syslog server side as more than configured message limit per/sec.
CSCwc35181	OSPF template adds "default-information-originate" to area <area-id> nssa statement on hitting OK.
CSCwc36905	ASA traceback and reload due to "Heap memory corrupted at slib_malloc.c
CSCwc37256	SSL AnyConnect access blocked after upgrade
CSCwc38567	ASA/FTD may traceback and reload while executing SCH code
CSCwc39525	FMC HA status alert "degraded - maintenance" seen periodically after upgrade
CSCwc40381	ASA : HTTPS traffic authentication issue with Cut-through Proxy enabled
CSCwc41293	Firepower module show-tech file generation may fail with error "Failed to create archive!"
CSCwc41592	False positives for Ultrasurf
CSCwc42174	CIAM: mariadb - multiple versions CVE-2022-32081
CSCwc42561	Deploy page listing takes 1.5 to 2 mins with 462 HA device
CSCwc43807	FTD is unusable post reboot if manager is deleted and FIPS is enabled
CSCwc44289	FTD - Traceback and reload when performing IPv4 <> IPv6 NAT translations
CSCwc44608	Selective deployment of IPS may cause outage due to incorrectly written FTD configuration files
CSCwc45108	ASA/FTD: GTP inspection causing 9344 sized blocks leak
CSCwc45397	ASA HA - Restore in primary not remove new interface configuration done after backup
CSCwc48375	Inbound IPSEC SA stuck inactive - many inbound SPIs for one outbound SPI in "show crypto ipsec sa"
CSCwc48853	SFDataCorrelator Discovery Event bottleneck can cause Connection Event delay and backlog
CSCwc49095	ASA/FTD 2100 platform traceback and reload when fragments are coalesced and sent to PDTS
CSCwc49364	mojo_server processes unnecessarily restarting during log rotation
CSCwc50519	Excessive logging from hm_du.pm may lead to syslog-ng process restarts
CSCwc50846	FTD Upgrade Fail - Readiness Check Successful, but Readiness status never shown
CSCwc50887	FTD - Traceback and reload on NAT IPv4<>IPv6 for UDP flow redirected over CCL link
CSCwc50891	MPLS tagging removed by FTD
CSCwc51326	FXOS-based Firepower platform showing 'no buffer' drops despite high values for RX ring watermarks
CSCwc51588	Failing to generate FMC Backup/Restore via SMB/SSH
CSCwc52351	ASA/FTD Cluster Split Brain due to NAT with "any" and Global IP/range matching broadcast IP
CSCwc53280	ASA parser accepts incomplete network statement under OSPF process and is present in show run
CSCwc54217	syslog related to failover is not outputted in FPR2140
CSCwc54901	Scheduled tasks may not run on active FMC in HA after switchover or split-brain resolution
CSCwc54984	IKEv2 rekey - Responding Invalid SPI for the new SPI received right after Create_Child_SA response
CSCwc56003	Trigger FTD backup with remote storage option enabled along with retrieval to FMC fails
CSCwc56952	Able to see the SLA debug logs on both console & VTY sessions even if we enable only on VTY session.
CSCwc57575	FMC: Scheduled backups working fine, but FMC email alerts displaying it failed.
CSCwc60037	ASA fails to rekey with IPSEC ERROR: Failed to allocate an outbound hardware context
CSCwc60227	FMC-GUI bypass session timeout while staying in any Event tab if Refresh Interval is enabled
CSCwc61912	ASA/FTD OSPFv3 does not generate messages Type 8 LSA for IPv6
CSCwc62215	FTD unable to sync HA due to snort validation failed
CSCwc63273	SFDataCorrelator host timeout query can block event processing and cause a deadlock restart
CSCwc64333	FMC GUI timeout and issues with loading http page due to exceeded http connections
CSCwc64923	ASA/FTD may traceback and reload in Thread Name 'lina' ip routing ndbshr
CSCwc66757	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwc67687	ASA HA failover triggers HTTP server restart failure and ASDM outage
CSCwc67886	ASA/FTD may traceback and reload in Thread Name 'lina_inotify_file_monitor_thread'
CSCwc68543	mismatch in the config pushed from FMC and running config on FTD
CSCwc68656	ASA CLI for TCP Maximum unprocessed segments
CSCwc69583	Portchannel configured from FDM breaks "Use the Data Interfaces as the Gateway" for Mgmt interface
CSCwc70962	FTD/ASA "Write Standby" enables ECDSA ciphers causing AC SSLv3 handshake failure
CSCwc72155	ASA/FTD Traceback and reload on function "snp_cluster_trans_allocb"
CSCwc72284	TACACS Accounting includes an incorrect IPv6 address of the client
CSCwc73224	Call home configuration on standby device is lost after reload
CSCwc74099	FPR2140 ASA Clock Timezone reverts to UTC after appliance restart/reload
CSCwc74103	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-11-32591'
CSCwc74271	Auth-Daemon process is getting restarted continuously when SSO disabled
CSCwc74378	FMC UI should disallow simultaneous deactivation of FMC interface management and event channels
CSCwc74841	FMC RSS Feed broken because FeedBurner is no longer active - "Unable to parse feed"
CSCwc74858	FTD - Traceback in Thread Name: DATAPATH
CSCwc77519	FPR1000 ASA/FTD: Primary takes active role after reloading
CSCwc77680	FTD may traceback and reload in Thread Name 'DATAPATH-0-4948'
CSCwc79366	During the deployment time, device got stuck processing the config request.
CSCwc80234	"inspect snmp" config difference between active and standby
CSCwc80357	[Deploy Performance] degrade in deployment page on FMC
CSCwc81184	ASA/FTD traceback and reload caused by SNMP process failure
CSCwc81219	Intrusion events intermittently stop appearing in FMC when using snort3
CSCwc81727	Default Domain in VPN group policy objects cannot be deleted
CSCwc81960	Unable to configure 'match ip address' under route-map when using object-group in access list
CSCwc82188	FTD Traceback and reload when applying long commands from FMC UI or CLISH
CSCwc86330	Vulnerabilities in spring-framework - multiple versions CVE-2022-22970
CSCwc86391	On slow networks with some packets loss sftunnel may mark connections as STALE
CSCwc87441	for system processes limit the CPUs used to the number of system CPUs
CSCwc88108	Prefilter policy - Available port menu long response time, Prefilter Network Search takes long time
CSCwc88897	ASA traceback and reload due to null pointer in Umbrella after modifying DNS inspection policy
CSCwc89661	FTD reboots due to heartbeat loss and "Communication with NPU lost"
CSCwc89796	ASA/FTD may traceback and reload in Thread Name 'appagent_async_client_receive_thread' hog detection
CSCwc89924	FXOS ASA/FTD SNMP OID to poll Internal-data 'no buffer' interface counters
CSCwc90091	ASA 9.12(4)47 with user-statistics, will affects the "policy-server xxxx global" visibility.
CSCwc92761	7.3 - Message flood by Use of uninitialized value $unix_time in numeric gt
CSCwc93166	Using write standby in a user context leaves secondary firewall license status in an invalid state
CSCwc93687	Error message while editing ACP
CSCwc94085	Unable to establish DTLSv1.2 with FIPS enabled after upgrade from 6.6.5.
CSCwc94466	Cisco ASA/FTD Firepower 2100 SSL/TLS Denial of Service Vulnerability
CSCwc94501	ASA/FTD memory leak and tracebacks due to ctm_n5 resets
CSCwc95290	ESP rule missing in vpn-context may cause IPSec traffic drop
CSCwc96016	Captive portal support in cross domain
CSCwc96805	traceback and reload due to tcp intercept stat in thread unicorn
CSCwc99242	ISA3000 LACP channel member SFP port suspended after reload
CSCwd00386	ASA/FTD may traceback and reload when clearing the configration due to "snp_clear_acl_log_flow_all"
CSCwd00778	ifAdminStatus output is abnormal via snmp polling
CSCwd01032	ASA/FTD may traceback and reload when RAVPN with SAML is configured
CSCwd02864	logging/syslog is impacted by SNMP traps and logging history
CSCwd03113	FMC local backup fails cause of "Update Task: Database integrity check failed" - Syslog server issue
CSCwd03793	FTD Traceback and reload
CSCwd03810	ASA Custom login page is not working through webvpn after an upgrade
CSCwd04210	ASA: ASDM sessions stuck in CLOSE_WAIT causing lack of MGMT
CSCwd05814	PDTS write from Daq can fail when PDTS buffer is full eventually leads to block depletion
CSCwd06005	ASA/FTD Cluster Traceback and Reload during node leave
CSCwd07059	multiple snort3 crashes after upgrading FTD from 7.2.0 to 7.2.0.1
CSCwd08430	Create a resiliency configuration option for SFTunnel to support HA and FTD connectivity
CSCwd10121	Invalid query seen in MonetDB merovingian.log
CSCwd10497	FTD sensor rules missing from ngfw.rules file after a sensor backup restore execution
CSCwd10760	Firewall_rule_cache may not pruned for many years for some customers
CSCwd10880	critical health alerts 'user configuration(FSM.sam.dme.AaaUserEpUpdateUserEp)' on 2100/3100 devices
CSCwd11005	Missing fqdns_old.conf file causes FTD HA app sync failure
CSCwd11165	"Move" option is greyed out on Backup-Restore in FMC
CSCwd11303	ASA might generate traceback in ikev2 process and reload
CSCwd11855	ASA/FTD may traceback and reload in Thread Name 'ikev2_fo_event'
CSCwd11963	Error message seen in the log "Error operation timed out getting CriticalStatus from PM."
CSCwd13083	FMC - Unable to initiate deployment due to incorrect threat license validation
CSCwd13917	during download from file event on FMC, high CPU use on FMC for 20 minutes before download fails
CSCwd14432	"Inspection Interruption" is seen as YES but snort3 didn't restart
CSCwd14688	FTD upgrade failure due to Syslog files getting generated/deleted rapidly
CSCwd14972	ASA/FTD Traceback and Reload in Thread Name: pix_flash_config_thread
CSCwd16017	Object edit slowness when it is associated with NAT rules
CSCwd16294	GTP inspection drops packets for optional IE Header Length being too short
CSCwd16517	GTP drops not always logged on buffer and syslog
CSCwd16689	ASA/FTD traceback due to block data corruption
CSCwd16712	Device readiness upgrade check failure - sftunnel sync issue due to time change
CSCwd16902	File events show Action as "Malware Block" for files with correct disposition of unknown
CSCwd17037	SFDataCorrelator RNA-Stop action should not block when database operations are hung
CSCwd17856	ASA goes for traceback/reload with message - snmp_ma_kill_restart: vf is NULL
CSCwd17940	HA did not failover due to misleading status updates from NDClient
CSCwd18744	FPR1K FTD fails to form HA due to reason "Other unit has different set of hwidb index"
CSCwd19053	ASA/FTD may traceback with large number of network objects deployment using distribute-list
CSCwd20627	ASA/FTD: NAT configuration deployment failure
CSCwd20900	HTTP Block Response and Interactive Block response pages not being displayed by Snort3
CSCwd22413	EIGRPv6 - Crashed with "mem_lock: Assertion mem_refcount' failed" on LINA.
CSCwd22907	ASA/FTD High CPU in SNMP Notify Thread
CSCwd23188	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwd23913	FTD in HA traceback multiple times after adding a BGP neighbour with prefix list.
CSCwd25201	ASA/FTD SNMP traps enqueued when no SNMP trap server configured
CSCwd25256	ASA/FTD Transactional Commit may result in mismatched rules and traffic loss
CSCwd26466	Incorrect Frequent Drain of Connection Events alert
CSCwd26867	Device should not move to Active state once Reboot is triggered
CSCwd28236	standby unit using both active and standby IPs causing duplicate IP issues due to nat "any"
CSCwd29835	log rotate failing to cycle files, resulting in large file sizes
CSCwd30296	Device Metrics Not Working After Upgrade to 7.0.3 from pre -7.0.0 version
CSCwd30298	FTD: FTPS Data Channel connection impacted by TLS Server Identity and Discovery Probe sent by FTD
CSCwd30774	FMC HA - files in tmp/Sync are left on secondary when synchronisation task fails
CSCwd30977	FMC deleted some access-rules due to an incorrect delta generated during the policy deployment.
CSCwd31181	Lina traceback and reload - VPN parent channel (SAL) has an invalid underlying channel
CSCwd32952	Active and Standby device details not available in FMC logs during FTD HA break
CSCwd33054	DHCP Relay is looping back the DHCP offer packet causing dhcprelay to fail on the FTD/ASA
CSCwd33811	Cluster registration is failing because DATA_NODE isn't joining the cluster
CSCwd34288	FP1000 - During boot process in LINA mode, broadcasts leaked between interfaces resulting in storm
CSCwd34662	LTS18 and LTS21 commit id update in CCM layer (seq 39)
CSCwd37238	TLS connections to Exchange 2007 server may fail
CSCwd38526	FMC can allow deployment of NAP in test mode with Decrypt policy
CSCwd38774	ASA: Traceback and reload due to clientless webvpn session closure
CSCwd38775	ASA/FTD may traceback and reload in Thread lina
CSCwd38805	Syslog 106016 is not rate-limited by default
CSCwd39039	FMC - Error message "The server response was not understood. Please contact support." on UI
CSCwd39468	ASA/FTD Traceback and reload when configuring ISAKMP captures on device
CSCwd39506	SSL Policy DND default Rule fails on error unsupported cipher suite and SKE error.
CSCwd40141	Firepower Management Center GUI view for Snort2 Local Intrusion Rules is missing
CSCwd40260	Serviceability Enhancement - Unable to parse payload are silently drop by ASA/FTD
CSCwd41083	ASA traceback and reload due to DNS inspection
CSCwd41224	FMC HA webUI is not getting FTDv Variable tier assigned FTDv - Variable
CSCwd41466	Re-downloaded users from a forest with trusted domains may become unresolved/un-synchronized
CSCwd41806	deployment failed with OOM (out of memory) for policy_apply.pl process
CSCwd42072	SRU installation failure.
CSCwd42347	FMC not showing any alerts/warnings when deploying changes of prefix list with same seq #
CSCwd43666	Analyze why there is no logrotate for /opt/cisco/config/var/log/ASAconsole.log
CSCwd44326	Object NAT edit is failing
CSCwd46741	fxos log rotate failing to cycle files, resulting in large file sizes
CSCwd46780	ASA/FTD: Traceback and reload in Thread Name: appAgent_reply_processor_thread
CSCwd47340	FXOS: memory leak in svc_sam_envAG process
CSCwd47424	Device name always shows as 'firepower' in CDO event view
CSCwd47442	800_post/1027_ldap_external_auth_fix.pl upgrade error -- reference to missing authentication object
CSCwd47481	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 40)
CSCwd48633	ASA - traceback and reload when Webvpn Portal is used
CSCwd49685	Missing SSL MEMCAP causes deployment failure due timeout waiting for snort detection engines
CSCwd50131	Upgrades are not cleaning up mysql files leading to alert for 'High unmanaged disk usage on /ngfw'
CSCwd50218	ASA restore is not applying vlan configuration
CSCwd51757	Unable to get polling results using snmp GET for connection rate OID’s
CSCwd51964	Add validation in lua detector api to check for empty patterns for service apps
CSCwd53135	ASA/FTD: Object Group Search Syslog for flows exceeding threshold
CSCwd53340	FTD PDTS LINA RX queue can become stuck when snort send messages with 4085-4096 bytes size
CSCwd53863	Data migration from Sybase to MariaDB taking more time due to large data size of POLICY_SNAPSHOT
CSCwd54439	FMC gives an irrelevant error message for Snort2 to Snort3 rules conversion failure
CSCwd55673	Need corrections in log_handler_file watchdog crash fix
CSCwd55853	Deployment failure with localpool overlap error after upgrade
CSCwd56254	"show tech-support" generation does not include "show inventory" when run on FTD
CSCwd56296	FTD Lina traceback and reload in Thread Name 'IP Init Thread'
CSCwd56431	Disable asserts in FTD production builds
CSCwd56774	Misleading drop reason in "show asp drop"
CSCwd56995	Clientless Accessing Web Contents using application/octet-stream vs text/plain
CSCwd57698	Recursive panic under lina_duart_write
CSCwd58188	Inline-pair's state could not able to auto recover from hardware-bypass to standby mode.
CSCwd58337	allocate more cgroup memory for policy deployment subgroup
CSCwd58417	HA Periodic sync is failing due to cfg files are missing
CSCwd58430	At times AC Policy save takes longer time, may be around 10 or above mins
CSCwd58528	Memory depletion while running EMIX traffic profile on QP HA active node
CSCwd59736	ASA/FTD: Traceback and reload due to SNMP group configuration during upgrade
CSCwd61016	ASA: Standby may get stuck in "Sync Config" status upon reboot when there is EEM is configured
CSCwd61082	FMC UI Showing inaccurate data in S2S VPN Monitoring page
CSCwd61410	mdbtrace.log can fill storage on FMC
CSCwd62025	FTDv: Policy Deployment failure due to interface setting on failover interface
CSCwd62138	ASA Connections stuck in idle state when DCD is enabled
CSCwd62729	FDM QW/QP: All URL traffic blocked in BAT/BQT test
CSCwd62915	Cross-domain users with non-ASCII characters are not resolved
CSCwd63580	FPR2100: Increase in failover convergence time with ASA in Appliance mode
CSCwd63961	AC clients fail to match DAP rules due to attribute value too large
CSCwd64919	FXOS is not rotating PoE logs
CSCwd65327	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 41)
CSCwd66815	Lina changes to support - Snort3 traceback in daq-pdts while handling FQDN based traffic
CSCwd67101	FPR1150 : Exec format error seen and the device hung until reload when erase secure all is executed
CSCwd68088	ASA\|FTD: Implement different TLS diffie-hellman prime based on RFC recommendation
CSCwd69236	FMC Connection Event stop displaying latest event
CSCwd69454	Port-channel interfaces of secondary unit are in waiting status after reload
CSCwd72656	FMC GUI takes long time to load Intrusion Event packet view
CSCwd72680	FXOS: FP2100 FTW timeout triggered by high CPU usage during FTD Access Control Policy deploy.
CSCwd72915	FMC 7.1.0.1 Doesn't throw warning that S2S VPN Configs contain deprecated MD5 Hash during deployment
CSCwd73981	FMC: Updates page takes more than 5 minutes to load
CSCwd74116	S2S Tunnels do not come up due to DH computation failure caused by DSID Leak
CSCwd74648	External authentication with Radius server fail with error "This account is currently not available"
CSCwd74839	30+ seconds data loss when unit re-join cluster
CSCwd75738	Predefined FlexConfig Text Objects are not exported by Import-Export
CSCwd75912	ASA SFR is failing registration or not sending events to FMC
CSCwd76634	FMC import takes too long
CSCwd78123	ASA/FTD traceback and reload when IPSec/Ikev2 vpn session bringup with dh group 31 in fips mode
CSCwd78624	ASA configured with HA may traceback and reload with multiple input/output error messages
CSCwd78940	Traps are not getting generated in UUT for config change in multicontext
CSCwd79388	intrusion events fail to migrate from MariaDB to MonetDB following FMC upgrade from 7.0.3 to 7.1.0
CSCwd80343	MI FTD running 7.0.4 is on High disk utilization
CSCwd81384	FMC upgrade fails: 114_DB_table_data_integrity_check.pl, stating Snort2IPSNAPCleanup.pm not be found
CSCwd81538	FTD Traffic failure due to 9344 block depletion in peer_proxy_tx_q
CSCwd81897	Snort3 crash seen sometimes while processing a future flow connection after appid detectors reload
CSCwd82235	LINA Traceback on FPR-1010 under Thread Name: update_cpu_usage
CSCwd82801	Snort outputs massive volume of packet events - IPS event view may show "No Packet Information"
CSCwd83956	snort2 does not match rules based on application SMTP/SMTPS anymore after a while
CSCwd83990	FTD -Snort match incorrect NAP id for traffic
CSCwd84133	ASA/FTD may traceback and reload in Thread Name 'telnet/ci'
CSCwd84868	Observing some devcmd failures and checkheaps traceback when flow offload is not used.
CSCwd85178	AWS ASAv PAYG Licensing not working in GovCloud regions.
CSCwd85609	FTDs running 6.6.x show as disconnected on new HM (6.7+) but checks are running and updating
CSCwd85927	Traceback and reload when webvpn users match DAP access-list with 36k elements
CSCwd86313	Unable to access Dynamic Access policy
CSCwd86457	Number of objects are not getting updated under policies>>>Security intelligence >>>Block list
CSCwd86929	Cut-Through Proxy does not work with HTTPS traffic
CSCwd88585	ASA/FTD NAT Pool Cluster allocation and reservation discrepancy between units
CSCwd88641	Deployment changes to push VDB package based on Device model and snort engine
CSCwd89349	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (seq 42)
CSCwd90112	MariaDB crash (segmentation fault) related to netmap query
CSCwd91013	FMC \| Deployment failure in csm_snapshot_error
CSCwd91421	ASA/FTD may traceback and reload in logging_cfg processing
CSCwd92804	FAN LED flashing amber on FPR2100
CSCwd93316	No Inspect Interruption warning when deploy after FMC upgrade
CSCwd93376	Clientless VPN users are unable to download large files through the WebVPN portal
CSCwd93792	SFDataCorrelator performance degradation involving hosts with many discovered MAC addresses
CSCwd94096	Anyconnect users unable to connect when ASA using different authentication and authorization server
CSCwd94183	Blade not coming up after FXOS update support on multi-instance due to ssp_ntp.log log rotation prob
CSCwd95415	The Standby Device going in failed state due to snort heartbeat failure
CSCwd95436	Primary ASA traceback upon rebooting the secondary
CSCwd95908	ASA/FTD traceback and reload, Thread Name: rtcli async executor process
CSCwd96041	FMC SecureX via proxy stops working after upgrade to 7.x
CSCwd96493	Link Up seen for a few seconds on FPR1010 during bootup
CSCwd96755	ASA is unexpected reload when doing backup
CSCwd96766	41xx: Blade does not capture or log a reboot signal
CSCwd96790	High FMC backup file size due to configurations snapshot for all managed devices
CSCwd97020	ASA/FTD: External IDP SAML authentication fails with Bad Request message
CSCwd97276	Unified events and connection events pages don't load anymore. DB Cores generated every few minutes
CSCwe00757	Summary status dashboard takes more than 3 mins to load upon login
CSCwe00828	Interactive Block action doesn't work when websites are redirected to https
CSCwe00864	License Commands go missing in Cluster data unit if the Cluster join fails.
CSCwe03529	FTD traceback and reload while deploying PAT POOL
CSCwe03991	FTD/ASA traceback and reload during to tmatch compilation process
CSCwe04437	collection of top.log.gz in troubleshoot can be corrupt due to race condition
CSCwe05913	FTD traceback/reloads - Icmp error packet processing involves snp_nat_xlate_identity
CSCwe06724	Database table optimization not working for some of the tables
CSCwe06826	Email alert incorrectly send for a successful database backup
CSCwe06828	FMC HA Synchronization can hang forever if no response from SendUserReloadSGTAndEndpointsEvent
CSCwe07103	FMC: Upgrade fails at DB Integrity check due to large number of EO warnings for "rule_comments"
CSCwe07722	Cluster data unit drops non-VPN traffic with ASP reason "VPN reclassify failure
CSCwe07928	On a cloud-delivered FMC there is no way to send events to syslog without sending to SAL/CDO as well
CSCwe08729	FPR1120:connections are getting teardown after switchover in HA
CSCwe08908	Threatgrid integration configuration is not sync'd as part of the FMC HA Synchronisation
CSCwe09074	None option under trustpoint doesn't work when CRL check is failing
CSCwe09811	FTD traceback and reload during policy deployment adding/removing/editing of NAT statements.
CSCwe11119	ASA: Traceback and reload while processing SNMP packets
CSCwe11189	monetdb log use all of disk spaces on /Volume
CSCwe11304	Snort crashing on FTD
CSCwe11727	Purging of Config Archive failed for all the devices if one device has no versions
CSCwe12407	High Lina memory use due to leaked SSL handles
CSCwe13627	FMC Unable to fetch VPN troubleshooting logs.
CSCwe14062	FTD/Lina or ASA traceback and reload related to thread ctm_qat_engine
CSCwe14174	FTD - 'show memory top-usage' providing improper value for memory allocation
CSCwe14514	ASA/FTD Traceback and reload of Standby Unit while removing capture configurations
CSCwe15164	ASA: ASDM cannot display SFR tabs until it's "woken up" through its CLI.
CSCwe16620	FMC Health Monitor does not report alerts for the Interface Status module
CSCwe18090	FMC deployment failure:"Validation failed: This is a slav*/ha standby device, rejecting deployment."
CSCwe18859	After device registration or FMC upgrade, devices sometimes don't send events to the FMC
CSCwe18974	ASA/FTD may traceback and reload in Thread Name: CTM Daemon
CSCwe20043	256-byte memory block gets depleted on start if jumbo frame is enabled with FTD on ASA5516
CSCwe20714	Traffic drop when primary device is active
CSCwe21037	Snort mem used alert should be consistent with value from top.log
CSCwe21187	ASA/FTD may drop multicast packets due to no-mcast-intrf ASP drop reason until UDP timeout expires
CSCwe21280	Multicast connection built or teardown syslog messages may not always be generated
CSCwe21959	Snort3: Process in D state resulting in OOM with jemalloc memory manager
CSCwe22216	Maria DB crashing/holding high CPU and not allowing users to login GUI and CLI
CSCwe22254	After disabling malware analysis, high disk usage on /dev/shm/snort
CSCwe22302	Partition "/opt/cisco/config" gets full due to wtmp file not getting logrotated
CSCwe22492	Slow UI loading for Table View of Hosts
CSCwe22980	Database integrity check takes several minutes to complete
CSCwe23039	NTP polling frequency changed from 5 minutes to 1 second causes large useless log files
CSCwe23139	FTD HA does not break from FMC GUI but HA bootstrap is removed from devices
CSCwe23801	FPR2100: Mulitple snort3 & snort2 cores got generated and sensor goes down in KP platform
CSCwe24532	Multiple instances of nvram.out log rotated files under /opt/cisco/platform/logs/
CSCwe24880	Using proxy authentication in FMC for smart licensing is failing after upgrading to 7.0.5
CSCwe25187	FMC External authentication getting "Internal error"
CSCwe28094	ASA/FTD may traceback and reload after executing 'clear counters all' when VPN tunnels are created
CSCwe28726	The command "app-agent heartbeat" is getting removed when deleting any created context
CSCwe29179	CLUSTER: ICMP reply arrives at director earlier than CLU add flow request from flow owner.
CSCwe29381	Sybase arbiter is not up on FMC HA
CSCwe29498	occasional failure to load light-modal-ac-rule-xx.css with a net::ERR_TOO_MANY_RETRIES error
CSCwe29529	FTD MI does not adjust PVID on vlans attached to BVI
CSCwe29583	ASA/FTD may traceback and reload in Thread Name 'None' at lua_getinfo
CSCwe29850	ASA/FTD Show chunkstat top command implementation
CSCwe29952	SFDataCorrelator cores due to stuck database query after 1 hour deadlock timeout
CSCwe30228	ASA/FTD might traceback in funtion "snp_fp_l2_capture_internal" due to cf_reinject_hide flag
CSCwe30653	FTD upgrade failure at "999_finish/999_zz_install_bundle.sh" due to bad key cert
CSCwe30867	Workaround to set hwclock from ntp logs on low end platforms
CSCwe32375	7.0 - Snort3 process in D state and outage due to OOM
CSCwe32448	changing time window settings in FMC GUI event viewers may not work with FMC integrated with SecureX
CSCwe32537	ASDM Managed SFR modules 7.0.5 upgrade failure in 114_Snort_table_data_integrity_check.pl
CSCwe36176	ASA/FTD: High failover delay with large number of (sub)interfaces and http server enabled
CSCwe38029	Multiple traceback seen on standby unit.
CSCwe38585	FMC + FTD's Upgrade to 7.0.4(5) version from pre -7.0.0 version creates 7.2.0 configurations on FMC
CSCwe38640	EventHandler warnings if syslog facility is CONSOLE
CSCwe39425	2100: Power switch toggle leads to ungraceful shutdowns and "PowerCycleRequest" reset
CSCwe40463	Stale IKEv2 SA formed during simultaneous IKE SA handling when missing delete from the peer
CSCwe41898	ASA: FP2100 FTW timeout triggered by high CPU usage during FTD Access Control Policy deploy.
CSCwe44311	FP2100:Update LINA asa.log files to avoid recursive messages-<date>.1.gz rotated filenames
CSCwe44620	Question mark in NAT description causes config mismatch on Data members of an FTD cluster
CSCwe44672	Syslog ASA-6-611101 is generated twice for a single ssh connection
CSCwe44766	IMS: FP2100 FTW timeout triggered by high CPU usage during FTD Access Control Policy deploy.
CSCwe45779	ASA/FTD drops traffic to BVI if floating conn is not default value due to no valid adjacency
CSCwe45879	Frequent errors seen regarding failures to load bulkcsv files that don't exist
CSCwe48378	Remove FMC drop_cache trigger to prevent Disk I/O increase due to file cache thrashing
CSCwe48432	Unable to save Access Control Policy changes due to Internal error
CSCwe49185	Generate password does not meet requirements while in CC mode
CSCwe50993	SNMP on SFR module goes down and won't come back up
CSCwe51286	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwe51489	Unable to process query error on events; FMC UI; monetdb maximum connections reached
CSCwe52120	SSL decrypted conns fails when tx chksum-offload is enabled with the egress interface a pppoe.
CSCwe52499	NGIPSv syslog-tls.conf.tt needs filters removed when in CC mode
CSCwe52640	Certain containers have extra gray borders and certain containers are styled incorrectly
CSCwe54529	FTD on FPR2140 - Lina traceback and reload by TCP normalization
CSCwe55556	logging is getting disabled if ssl rules are reordered
CSCwe58576	FTD:Node not joining cluster with "Health check detected that control left cluster" due to SSL error
CSCwe58620	FMC 7.3 Connection Events page "Error: Unable to process this query. Please contact support."
CSCwe58881	After FMC upgrade, SecureX ribbon redirects to US cloud region regardless of the set cloud region
CSCwe59380	FTD: "timeout floating-conn" not operating as expected for connections dependent on VRF routing
CSCwe59664	DAP policy created in FMC Gui, to detect a Windows OS with a hotfix, will not work as expected
CSCwe59737	ASA/FTD reboots due to traceback pointing to watchdog timeout on p3_tree_lookup
CSCwe59809	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (seq 45)
CSCwe59919	FTD Traceback and reload on Thread Name "NetSnmp Event mib process"
CSCwe61599	FTD 2100 -Update daq-ioq mempool to help protect against buffer corruption
CSCwe61928	PIM register packets are not sent to RP after a reload if FTD uses a default gateway to reach the RP
CSCwe61969	ASA Multicontext 'management-only' interface attribute not synced during creation
CSCwe62927	DCCSM session authorization failure cause multiple issues across FMC
CSCwe62997	ASA/FTD traceback in snp_tracer_format_route
CSCwe63067	ASA/FTD may traceback and reload in Thread Name 'lina' due to due to tcp intercept stat
CSCwe63232	ASA/FTD: Ensure flow-offload states within cluster are the same
CSCwe63316	Pri-Active FMC NOT triggering registration TASK for FTD to configure standby manager
CSCwe64404	ASA/FTD may traceback and reload after changing IP of authentication server
CSCwe64542	TID python processes stuck at 100% CPU
CSCwe64557	ASA: Prevent SFR module configuration on unsuported platforms
CSCwe64563	The command "neighbor x.x.x.x ha-mode graceful-restart" removed when deleting any created context
CSCwe65245	FP2100 series devices might use excessive memory if there is a very high SNMP polling rate
CSCwe65634	ASA - Standby device may traceback and reload during synchronization of ACL DAP
CSCwe66132	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwe66137	SSO user gets logged in to FMC UI if a valid local user credentials are pre-populated in the browser
CSCwe67751	Last fragment from SIP IPv6 packets has MF equal to 1, flagging that more packets are expected
CSCwe68159	Failover fover_trace.log file is flooding and gets overwritten quickly
CSCwe69388	FMC should push the AnyConnect Custom attribute defer keyword as lowercase instead of capitalized
CSCwe69833	IP addresses are susceptible to be skipped by geolocation rules when using snort 3
CSCwe70202	Multiple times the failover may be disabled by wrongly seeing a different "Mate operational mode".
CSCwe70558	FTD: unable to run any commands on CLISH prompt
CSCwe70721	Deployment is blocked due to Pre-deploy Validation Error - Invalid endpoint
CSCwe71284	ASA/FTD may traceback and reload in Thread Name DATAPATH-3-21853
CSCwe71672	Selective deployment negating the route configs
CSCwe71673	Selective deployment removing the prefilter-configs
CSCwe72535	Unable to login to FTD using external authentication
CSCwe73240	FMC runs out of space when Snort sends massive numbers of packet logs
CSCwe74059	logrotate is not compressing files on 9.16 ASA or 7.0 FTD
CSCwe74328	AnyConnect - mobile devices are not able to connect when hostscan is enabled
CSCwe74899	CD App Sync error is App Config Apply Failed on Secondary/Standby after backup restore on RMA device
CSCwe74916	Interface remains DOWN in an Inline-set with propagate link state
CSCwe75124	Upgraded FMC didn't mark FTD's with Hot Fix as light registered - failed FMC HA sync
CSCwe75207	High rate of network map updates can cause large delays and backlogs in event processing
CSCwe76036	ndclientd error message 'Local Disk is full' needs to provide mount details which is full
CSCwe78977	ASA/FTD may traceback and reload in Thread Name 'pix_flash_config_thread'
CSCwe79072	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwe79954	LDAP External auth config fails to deploy to FTD if same LDAP server is added as Primary and backup
CSCwe81684	ASA: Standby failure on parsing of "management-only" not reported to parser/failover subsystem
CSCwe83061	FMC Upgrade from Active-Primary FMC is failed with "Installation failed: Peer Discovery incomplete."
CSCwe83478	Prune target should account for the allocated memory from the thread pruned
CSCwe83775	Incorrect CPU and core metrics collected on 55XX platform
CSCwe83812	SFDataCorrelator log spam when network map is full
CSCwe84079	asa_snmp.log is not rotated, resulting in large file size, QP-HA MI 7.2.4-97
CSCwe85432	ASA/FTD traceback and reload on thread DATAPATH-14-11344 when SIP inspection is enabled
CSCwe86687	Apache Commons FileUpload before 1.5 does not limit the number of reques
CSCwe86690	In Apache MINA, a specifically crafted, malformed HTTP request may cause
CSCwe86693	An issue in protobuf-java allowed the interleaving of com.google.protobu
CSCwe88496	"Failed to convert snort 2 custom rules. Refer /var/sf/htdocs/ips/snort.rej for more details."
CSCwe89024	FTS under AC Policy Listing page with 'obj' gives Error Moving Data error with CTS DB
CSCwe89030	Serial number attribute from the subject DN of certificate should be taken as the username
CSCwe89305	vFMC300 to FMC2600 migration failure with error "migration from R to N is not allowed"
CSCwe89731	Notification Daemon false alarm of Service Down
CSCwe90202	ASA: Standby failure on parsing of "management-only" for dynamic configuraiton changes
CSCwe90720	ASA Traceback and reload in parse thread due ha_msg corruption
CSCwe91652	Database backup failed on KVM FMC
CSCwe91674	Mserver restarts frequently
CSCwe91958	correlation events based on connection events do not contain Security Intelligence Category content
CSCwe92905	ngfwManager process continuously restarting leading to ZMQ Out of Memory traceback
CSCwe93162	FP1140 7.0.4 Deployment keep failing with error "Can\'t use an undefined value as a HASH reference"
CSCwe93202	FXOS REST API: Unable to create a keyring with type "ecdsa"
CSCwe93489	Threat-detection does not recognize exception objects with a prefix in IPv6
CSCwe93532	ASA/FTD may traceback and reload in Thread Name 'lina'.
CSCwe93566	need to turn off default TLS 1.1 (deprecated) support for the FDM GUI
CSCwe94287	FTD DHCP Relay drops NACK if multiple DHCP Servers are configured
CSCwe95757	ASA/FTD may traceback and reload in Thread Name 'lina'
CSCwe96023	ASa/FTD: SNMP related traceback and reload immediately after upgrade from 6.6.5 to 7.0.1
CSCwe96068	ASA: Configurable CLU for Large amount of under/overruns on CLU RX/TX queues
CSCwe98430	AC policy deploy failing on 7.2.4 FMC to 6.7 FTD
CSCwe98435	Selective policy deploy with Identity Policy (captive-portal) and SSL Policy (dp-tcp-proxy) CLI
CSCwe98751	FMC is suddenly not showing stack after creation.
CSCwe99040	traceback and reload thread datapath on process tcpmod_proxy_continue_bp
CSCwe99550	Add knob to pause/resume file specific logging in asa log infra.
CSCwf00803	Mode / License mismatch information is not seen in show failover history
CSCwf02005	ActionQueue task sandbox data update throws SQL Error post 7.2.4 upgrade
CSCwf02363	Snort3 Crash in SslServiceDetector after call from nss_passwd_lookup
CSCwf03490	portmanager.sh outputing continuous bash warnings to log files
CSCwf04831	ASA/FTD may traceback and reload in Thread Name 'ci/console'
CSCwf06261	Health Monitoring exports negative snort swap memory metric value
CSCwf06818	Cisco Firepower Threat Defense Software Encrypted Archive File Policy Bypass Vulnerability
CSCwf07030	Upgrade Device listing page is taking more than 15 mins to load page fully with 25 FTDs registered
CSCwf07791	ASA running out of SNMP PDU and SNMP VAR chunks
CSCwf08043	Lina traceback and reload due to fragmented packets
CSCwf10422	"Security Intelligence feed download failed" displayed even though it succeeded
CSCwf12005	ASA sends OCSP request without user-agent and host
CSCwf12408	ASA: After upgrade to 9.16.4 all type-8 passwords are lost on first reboot
CSCwf14735	traceback and reload in Process Name: lina related to Nat/Pat
CSCwf14811	TCP normalizer needs stats that show actions like packet drops
CSCwf15858	LDAP authentication over SSL not working for users that send large authorisation profiles
CSCwf15978	xml2js version 0.4.23 allows an external attacker to edit or add new pro
CSCwf17814	ASA/FTD may traceback and reload in Thread Name '19', free block checksum failure
CSCwf19562	Changes to lamplighter logs written to /var/log/tid_process.log
CSCwf19853	FATAL errors in DBCheck due to missing columns in eventdb table
CSCwf20338	ASA may traceback and reload in Thread Name 'DHCPv6 Relay'
CSCwf21106	ASA/FTD: Traceback on thread name: snmp_master_callback_thread during SNMP and interface changes
CSCwf22568	FTD HA Creation fails resulting in devices showing up in an inconsistent state on the FMC
CSCwf23564	Unable to establish BGP when using MD5 authentication over GRE TUNNEL and FTD as passthrough device
CSCwf24124	SFDataCorrelator process crashing very frequently on the FMC.
CSCwf24773	crashhandler running with test mode snort
CSCwf26939	FTD may fail to create a NAT rule with error: "IPv4 dst real obj address range is huge"
CSCwf28488	Inconsistent log messages seen when emblem is configured and buffer logging is set to debug
CSCwf28592	In some specific scenarios, object optimizer can cause incorrect rules to be deployed to the device
CSCwf30716	ASA in multi context shows standby device in failed stated even after MIO HB recovery.
CSCwf30727	ASA integration with umbrella does not work without validation-usage ssl-server.
CSCwf31701	ASA traceback and reload with the Thread name: CP Crypto Result Processing
CSCwf31820	Firewall may drop packets when routing between global or user VRFs
CSCwf32890	Standby FMC SSH connection getting disconnected frequently.
CSCwf33574	ASA access-list entries have the same hash after upgrade
CSCwf34450	Snort3 crash after the consequent snort restart if duplicate custom apps are present
CSCwf35510	Possible segfault in snort3 when appid tries to delete the app info table
CSCwf42144	ASA/FTD may traceback and reload citing process name "lina"
CSCwf43288	Traceback in Thread Name: ssh/client in a clustered setup
CSCwf51933	FTD username with dot fails AAA-RADIUS external authentication login after upgrade
CSCwf57261	ASA: Traceback and reload due to clientless webvpn session closure
CSCwf57850	TelemetryApp process keeps exiting every minute after upgrading the FMC
CSCwf58876	KP2140-HA, reloaded primary unit not able to detect the peer unit
CSCwf76945	Packet data is still dropped after upgrade

Resolved Bugs in Version 7.0.5.1

Table last updated: 2022-04-26

Table 6. Resolved Bugs in Version 7.0.5.1
Bug ID	Headline
CSCwe52499	NGIPSv syslog-tls.conf.tt needs filters removed when in CC mode

Resolved Bugs in Version 7.0.5

Table last updated: 2022-11-17

Table 7. Resolved Bugs in Version 7.0.5
Bug ID	Headline
CSCvo17612	Return error messages when failing to retrieve objects from database
CSCvq70838	Traceback in the output of tail-logs command
CSCvr06065	Snort core due to DAQ IOQ Corruption
CSCvw82067	ASA/FTD 9344 blocks depleted due to high volume of fragmented traffic
CSCvw90399	FMC HA issues with too many open file descriptors for sfipproxy UDP conn
CSCvx24207	FQDN Object Containing IPv4 and IPv6 Addresses Only Install IPv6 Entries
CSCvx68586	Not able to login to UI/SSH on FMC, console login doesn't prompt for password
CSCvx75743	Inconsistent FMC audit log severity
CSCvx86569	Access Control Rule - Comment disappears if clicked to another tab before saving the comment.
CSCvy24180	Default variable set missing on FMC
CSCvy38070	File/Malware Event Report fails when date is x-axis and count y-axis for table chart
CSCvy38650	Unable to download captured file from FMC Captured files UI
CSCvy45048	Subsystem query parameter not filtering records for "auditrecords" restapi
CSCvy47927	Unable to select multiple policies for scheduled firepower recommended rules
CSCvy50598	BGP table not removing connected route when interface goes down
CSCvy63463	Error deleting users due to special characters
CSCvy65178	Need dedicated Rx rings for to the box BGP traffic on Firepower platform
CSCvy67765	FTD VTI reports TUNNEL_SRC_IS_UP false despite source interface is up/up and working
CSCvy68974	ActionQueue process is killed by OOM killer due to process utilizing more than 3 GB limit for memory
CSCvy73130	FP4100 platform: Active-Standby changed to dual Active after running "show conn" command
CSCvy75131	Occasionally deleted sensor/interfaces are not removed from security zones
CSCvy93607	Health monitor alert indicates QP HA in split brain when one device reboots and re-joins
CSCvy95520	Cisco Firepower Management Center and Firepower Threat Defense Software SSH DoS Vulnerability
CSCvy95809	Crashinfo script is invoked on SFR running snort2 and device fails to upgrade to 7.0
CSCvz07004	SNORT2: FTD is performing Full proxy even when SSL rule has DND action.
CSCvz09106	Cisco ASA and FTD Software SSL VPN Denial of Service Vulnerability
CSCvz13564	Firepower 2100 FTD: ssh-access-list configuration are lost after upgrading
CSCvz19364	FXOS does not send any syslog messages when the duplex changes to "Half Duplex"
CSCvz31184	Validation of unsupported flow-offload using pre-filter in passive/inline interfaces in FPR4100/9300
CSCvz32593	FPR4110 and FPR4115 in disabled state CD App Sync error is Rsync is not enabled on active device
CSCvz35669	KP-2110 Standby disabled upgrade 6.6.4-64 to 7.0.1-30 "CD App Sync error is App Config Apply Failed"
CSCvz36903	ASA traceback and reload while allocating a new block for cluster keepalive packet
CSCvz40542	FMC : Remote Storage Device's SMB share password does not make it when upgrading from 6.6 to 7
CSCvz40765	FMC CPU graph displays the wrong number of Snort and System cores
CSCvz42823	Bulk Operation of AC Policy REST API taking time
CSCvz43325	Active FMC not deregistering sensors after breaking HA
CSCvz49163	Observed some time drift in seconds in the output when we execute show rule hits multiple times
CSCvz52785	Management interface flaps every 13mins post upgrade from 9.12 to 9.14.2.15
CSCvz57917	High unmanaged disk usage on /ngfw filled with module-xxxx-x86_64.tgz files in packages folder
CSCvz60142	ASA/FTD stops serving SSL connections
CSCvz61456	Software upgrade on ASA application may failure without obvious reasons
CSCvz61463	FP9k SM-44 High CPU on radware vdp Cores after upgrade
CSCvz62517	SRU install should validate files upon completion
CSCvz68713	PLR license reservation for ASAv5 is requesting ASAv10
CSCvz69729	Unstable client processes may cause LINA zmqio traceback on FTD
CSCvz71596	"Number of interfaces on Active and Standby are not consistent" should trigger warning syslog
CSCvz77050	Occasionally policy deployment failure are reported as successful
CSCvz78331	SNMP polling fails after a re-image
CSCvz84733	LACP packets through inline-set are silently dropped
CSCvz85234	Facilities ALERT, AUDIT, CLOCK and KERN do not work in sending Audit Log to syslog from FMC.
CSCvz94841	Grammatical errors in failover operating mode mismatch error message
CSCwa03341	Standby's sub interface mac doesn't revert to old mac with no mac-address command
CSCwa06608	WM 1010 HA Failover is not successful when we give failover active in secondary.
CSCwa07390	Config only FMC: SI feed downloaded file does not match expected checksum
CSCwa15093	Access Policy Control Clear Hit Count throwing Error 403: Forbidden
CSCwa16626	Syslog over TLS accepting wildcard in middle of FQDN
CSCwa33248	Auto LSP update not getting triggered, missing Talos registration (beakerd)
CSCwa36535	Standby unit failed to join failover due to large config size.
CSCwa38996	Big number of repetitive messages in snmpd.log leading to huge log size
CSCwa41936	Cisco FTD Bleichenbacher Attack Vulnerability
CSCwa42596	ASA with SNMPv3 configuration observes unexpected reloads with snmpd cores
CSCwa43311	Snort blocking and dropping packet, with bigger size(1G) file download
CSCwa47737	ASA/FTD may hit a watchdog traceback related to snmp config writing
CSCwa49480	SNMP OID , stop working after around one hour and a half - FTD
CSCwa55142	SNORT3 / SSL / Definitive DND verdict when there's an extra DND bottom rule, instead of regular DND
CSCwa59907	LINA observed traceback on thread name "snmp_client_callback_thread"
CSCwa61361	ASAv traceback when SD_WAN ACL enabled, then disabled (or vice-versa) in PBR
CSCwa62025	IPv6: Some of egress interfaces of global and user vrf routes are missing in asp table
CSCwa64739	Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
CSCwa68552	All type-8 passwords are lost upon upgrade from ASA 9.12-9.15 to 9.16, failover gets disabled
CSCwa72528	username form cert feature does not work with SER option
CSCwa72530	FTD: Time gap/mismatch seen when new node joins a Cluster Control node under history
CSCwa72641	URL incorrectly extracted for TLS v1.2 self signed URLs when "Early application detection" enabled
CSCwa72929	SNMPv3 polling may fail using privacy algorithms AES192/AES256
CSCwa73172	ASA reload and traceback in Thread Name: PIX Garbage Collector
CSCwa75966	ASA: Reload and Traceback in Thread Name: Unicorn Proxy Thread with Page fault: Address not mapped
CSCwa77083	Host information is missing when Security Zones are configured in Network Discovery rules
CSCwa78082	FMC intrusion event search produces inconsistent results
CSCwa80040	FMC NFS configuration failling after upgrade from 6.4.0.4 to 7.0.1
CSCwa81143	Unable to save the application policy filter. Save tab is stuck and its continuously loading.
CSCwa85492	URL lookup responding with two categories
CSCwa85709	Cisco Firepower Management Center Information Disclosure Vulnerability
CSCwa87298	ASA conn data-rate: incorrect "current rate" and "data-rate-filter" doesn't work properly
CSCwa89347	Cannot add object to network group on FMC
CSCwa90735	FTD/FXOS - ASAconsole.log files fail to rotate causing excessive disk space used in /ngfw
CSCwa91070	Cgroup triggering oom-k for backup process
CSCwa92596	Access Control File policy rule message is misleading and unnecessary
CSCwa92822	TLS client in the sftunnel TLS tunnel offers curves in CC mode that are not allowed by CC
CSCwa92883	Deployment Failed at phase-2 with domain snapshot error
CSCwa93499	Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability
CSCwa95079	ASA/FTD Traceback and reload due to NAT configuration
CSCwa97541	Cisco ASA FirePOWER Module, FMC and NGIPS SNMP Default Credential Vulnerability
CSCwa97917	ISA3000 in boot loop after powercycle
CSCwa98853	Error F0854 FDM Keyring's RSA modulus is invalid
CSCwa98983	Upgrade failed on FPR2100-HA at 800_post/901_reapply_sensor_policy.pl
CSCwa99171	Chassis and application sets the time to Jan 1, 2010 after reboot
CSCwa99931	ASA/FTD: Tuning of update_mem_reference process
CSCwa99932	ASA/FTD stuck after crash and reboot
CSCwb00749	FMC upgrade failure: 114_DB_table_data_integrity_check.pl failed
CSCwb01983	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb01990	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb01995	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02006	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02018	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02026	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02060	snmp-group host with Invalid host range and subnet causing traceback and reload
CSCwb03704	ASA/FTD datapath threads may run into deadlock and generate traceback
CSCwb04000	ASA/FTD: DF bit is being set on packets routed into VTI
CSCwb05148	Cisco ASA Software and FTD Software SNMP Denial of Service Vulnerability
CSCwb05291	Cisco ASDM and ASA Software Client-side Arbitrary Code Execution Vulnerability
CSCwb05920	Crash in KP at webVpn free, HTTPCleanUp and mem_mh_free from Scaled AC-IK/IPSec TVM test.
CSCwb06273	Continuous memory leak in the process hmlsd (SF::Messaging::smartSend)
CSCwb06847	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-9-11543'
CSCwb07908	Standby FTD/ASA sends DNS queries with source IP of 0.0.0.0
CSCwb07981	Traceback: Standby FTD reboots and generates crashinfo and lina core on thread name cli_xml_server
CSCwb08644	ASA/FTD traceback and reload at IKEv2 from Scaled S2S+AC-DTLS+SNMP long duration test
CSCwb08773	FPR2130 LED is off when power supply module 1 is back
CSCwb08828	FP1010 Switchport access vlan interface in up/up status but not passing traffic
CSCwb12730	Policy deployment failed in FMC however FTD deployment status shows "INPROGRESS"
CSCwb16037	Unable to replace the anyconnect image when maximum memory used for anyconnect images.
CSCwb16663	Unable to configure NAP under Advanced Tab in AC policy
CSCwb16920	CPU profile cannot be reactivated even if previously active memory tracking is disabled
CSCwb17187	SNMP cores are generated every minute while running snmpwalk on HA
CSCwb17963	Unable to identify dynamic rate liming mechanism & not following msg limit per/sec at syslog server.
CSCwb19648	SNMP queries for crasLocalAddress are not returning the assigned IPs for SSL/DTLS tunnels.
CSCwb22592	SSH Functionalty stopped working after running long duration tests of SCP + Scaled TVM VPN Profiles
CSCwb23029	Cisco Firepower Management Center Software Command Injection Vulnerability
CSCwb23048	Cisco Firepower Management Center Software Command Injection Vulnerability
CSCwb24039	ASA traceback and reload on routing
CSCwb25809	Single Pass - Traceback due to stale ifc
CSCwb28123	FTD HA deployment fails with error "Deployment failed due to major version change on device"
CSCwb29126	Cannot use underscore (_) in FMC's realm AD Primary Domain configuration
CSCwb31551	When inbound packet contains SGT header, FPR2100 cannot distribute properly per 5 tuple
CSCwb31699	Primary takes active role after reload
CSCwb32267	Crash on KP Active node while clearing vpnsessiondb with AnyConnect-SSL TVM Profile running
CSCwb32418	Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability
CSCwb32841	NAT (any,any) statements in-states the failover interface and resulting on Split Brain events
CSCwb33184	Memory leak in MessageService causes UI slowness
CSCwb35675	Snort3 is partially in sync with Snort 2 warning alert
CSCwb37077	“show access-control-config” for DNS Reputation Enforcement does not work.
CSCwb37999	Customized Variables name cause Snort3 validation failure
CSCwb38406	GeoDB updates on multi-domain environment requires a manual policy deployment
CSCwb39431	FTD unified logs do not print the log as per rfc5424 standard
CSCwb40001	Long delays when executing SNMP commands
CSCwb41739	debug crypto conditional need to be made multi-ctx aware
CSCwb41854	Cisco FTD Software and Cisco FXOS Software Command Injection Vulnerability
CSCwb42978	ASA accepting invalid netmask in SSH/TELNET/HTTP/TFTP config
CSCwb43018	Implement SNP API to check ifc and ip belongs to HA LU or CMD interface
CSCwb43433	Jumbo frame performance has degraded up to -45% on Firepower 2100 series
CSCwb50405	ASA/FTD Traceback in crypto hash function
CSCwb51707	ASA Traceback and reload in process name: lina
CSCwb52401	Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability
CSCwb53172	FTD: IKEv2 tunnels flaps every 24 hours and crypto archives are generated
CSCwb53191	Certificate validation fails post upgrade to 9.17.1
CSCwb53328	ASA/FTD Traceback and reload caused by Smart Call Home process sch_dispatch_to_url
CSCwb53694	Cisco Firepower Management Center Software XML External Entity Injection Vulnerability
CSCwb54791	ASA DHCP server fails to bind reserved address to Linux devices
CSCwb56718	Policy deployment fails with error- Rule update is running but there are no updates in progress.
CSCwb56905	ASA blocking 0.0.0.0 IP and netmask combination in SSH/TELNET/HTTP config
CSCwb57524	FTD upgrade fails - not enough disk space from old FXOS bundles in distributables partition
CSCwb57615	Configuring pbr access-list with line number failed.
CSCwb59465	ASA/FTD may traceback (watchdog) and reload when generating a syslog from the VPN Failover subsystem
CSCwb59488	ASA/FTD Traceback in memory allocation failed
CSCwb59619	PM needs to restart the Disk Manager after creating ramdisk to make DM aware of the ramdisk
CSCwb60993	FDM Need to block the deployment when a Security zone object is not associated with an interface
CSCwb61901	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb61908	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb62059	Unable to login to FTD using external authentication after upgrade
CSCwb64620	CC mode is not properly enabled on NGIPSv impacting syslog over TLS and SSH
CSCwb65447	FTD: AAB cores are not complete and not decoding
CSCwb65718	FMC is stuck on loading SI objects page
CSCwb66761	Cisco Firepower Threat Defense Software Generic Routing Encapsulation DoS Vulnerability
CSCwb67040	FP4112\|4115 Traceback & reload on Thread Name: netfs_thread_init
CSCwb68642	ASA traceback in Thread Name: SXP CORE
CSCwb68993	FTD/FDM: SSL connections to sites using RSA certs with 3072 bit keys may fail
CSCwb69503	ASA unable to configure aes128-gcm@openssh.com when FIPS enabled
CSCwb71460	ASA traceback in Thread Name: fover_parse and triggered by snmp related functions
CSCwb73248	FW traceback in timer infra / netflow timer
CSCwb74571	PBR not working on ASA routed mode with zone-members
CSCwb76129	Some SSL patterns not detected after VDB 356 or higher is installed
CSCwb76423	ASA crashes on fp2100 when checking CRL
CSCwb79812	RIP is advertising all connected Anyconnect users and not matching route-map for redistribution
CSCwb80108	FP2100/FP1000: Built-in RJ45 ports randomly not coming up after portmanager restart events
CSCwb80559	FTD offloads SGT tagged packets although it should not
CSCwb80862	ASA/FTD proxy arps any traffic when using the built-in 'any' object in translated destination
CSCwb82796	ASA/FTD firewall may traceback and reload when tearing down IKE tunnels
CSCwb83388	ASA HA Active/standby tracebacks seen approximately every two months.
CSCwb83691	ASA/FTD traceback and reload due to the initiated capture from FMC
CSCwb84901	CIAM: heimdal 1.0.1
CSCwb85633	Snmpwalk output of memory does not match show memory/show memory detail
CSCwb85822	Deployment failing when collecting policies.
CSCwb86118	TPK ASA: Device might get stuck on ftp copy to disk
CSCwb86565	FMC upgrade fails due Mismatch in number of entries between /etc/passwd and /etc/shadow
CSCwb87498	Lina traceback and reload during EIGRP route update processing.
CSCwb87950	Cisco ASA Software and FTD Software Web Services Interface Denial of Service Vulnerability
CSCwb88587	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb88651	Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwb89187	Flex Config allow - "timeout icmp-error hh:mm:ss"
CSCwb90074	ASA: Multiple Context Mixed Mode SFR Redirection Validation
CSCwb90532	ASA/FTD traceback and reload on NAT related function nat_policy_find_location
CSCwb91101	SNMP interface threshold doesn't trigger properly when traffic sent to interface ~4gbps
CSCwb92376	FMC syslog-ng daemon fails to start if log facility is set to ALERT
CSCwb92709	We can't monitor the interface via "snmpwalk" once interface is removed from context.
CSCwb92937	Error 403: Forbidden when expanding in view group objects
CSCwb93932	ASA/FTD traceback and reload with timer services assertion
CSCwb94170	merovingian.log file extremly big size can fill the disk
CSCwb94190	ASA graceful shut down when applying ACL's with forward reference feature and FIPS enabled.
CSCwb94312	Unable to apply SSH settings to ASA version 9.16 or later
CSCwb95112	Intrusion Policy shows last modified by admin even though changes are made by a different user
CSCwb95787	FPR1010 - No ARP on switchport VLAN interface after portmanager DIED event
CSCwb97251	ASA/FTD may traceback and reload in Thread Name 'ssh'
CSCwc02488	ASA/FTD may traceback and reload in Thread Name 'None'
CSCwc02700	Fragmented packets are dropped when unit leaves cluster
CSCwc03069	Interface internal data0/0 is up/up from cli but up/down from SNMP polling
CSCwc03393	Lina traceback and core file size is beyond 40G and compression fails on FTD
CSCwc04959	Disk usage is 100% on secondary FMC .dmp files created utilized all the disk space
CSCwc05132	Unable to disable "Retrieve to Management Center
CSCwc06833	Deployment failure with ERROR Process Manager failed to verify LSP ICDB
CSCwc07262	Standby ASA goes to booting loop during configuration replication after upgrade to 9.16(3).
CSCwc08374	Azure ASA NIC MAC address for Gigeth 0/1 and 0/2 become out of order when adding interfaces
CSCwc09414	ASA/FTD may traceback and reload in Thread Name 'ci/console'
CSCwc10037	Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwc10483	ASA/FTD - Traceback in Thread Name: appAgent_subscribe_nd_thread
CSCwc10792	ASA/FTD IPSEC debugs missing reason for change of peer address and timer delete
CSCwc11511	FTD: SNMP failures after upgrade to 7.0.2
CSCwc11597	ASA tracebacks after SFR was upgraded to 6.7.0.3
CSCwc11663	ASA traceback and reload when modifying DNS inspection policy via CSM or CLI
CSCwc13017	FTD/ASA traceback and reload at at ../inspect/proxy.h:439
CSCwc13994	ASA - Restore not remove the new configuration for an interface setup after backup
CSCwc15530	Syslog facility "ALERT" should be changed on FDM since is not supported anymore by syslog-ng
CSCwc18285	Conn data-rate command can be enabled or disabled in unprivileged user EXEC mode
CSCwc18312	"show nat pool cluster" commands run within EEM scripts lead to traceback and reload
CSCwc18524	ASA/FTD Voltage information is missing in the command "show environment"
CSCwc23075	Upgrade to MariaDB 10.5.16 to get security vulnerability fixes
CSCwc23356	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-20-7695'
CSCwc23695	ASA/FTD can not parse UPN from SAN field of user's certificate
CSCwc24582	Update diskmanager to monitor deploy directories in /ngfw/var/cisco/deploy/db
CSCwc24906	ASA/FTD traceback and reload on Thread id: 1637
CSCwc25207	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 33)
CSCwc26406	FMC: Slowness in Device management page
CSCwc27236	FMC Health Monitoring JSON error
CSCwc27797	ASA mgmt ip cannot be released
CSCwc28334	Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwc28532	9344 Block leak due to fragmented GRE traffic over inline-set interface inner-flow processing
CSCwc28660	Snort3: NFSv3 mount may fail for traffic through FTD
CSCwc28806	ASA Traceback and Reload on process name Lina
CSCwc28854	Incorrect IF-MIB response when failover is configured on multiple contexts
CSCwc28928	ASA: SLA debugs not showing up on VTY sessions
CSCwc29591	Retrospective file disposition updates fail due to incorrect eventsecond values in fileevent tables
CSCwc30487	High unmanaged disk usage on Firepower 2110 device
CSCwc31163	FPR1010 upgrade failed - Error running script 200_pre/100_get_snort_from_dc.pl
CSCwc32246	NAT64 translates all IPv6 Address to 0.0.0.0/0 when object subnet 0.0.0.0 0.0.0.0 is used
CSCwc33036	Observed Logs at syslog server side as more than configured message limit per/sec.
CSCwc33076	JOBS_TABLE not getting purged due to foreign Key constraint violation in policy_diff_main
CSCwc33323	FMC 7.0 - Receiving alert "health monitor process: no events received yet" for multiple devices
CSCwc34818	The device is unregistered when Rest API calls script.
CSCwc35969	cannot add IP from event to global lists (block or do-not-block) if similar IP is already on list
CSCwc36905	ASA traceback and reload due to "Heap memory corrupted at slib_malloc.c
CSCwc37061	SNMP: FMC doesn't reply to OID 1.3.6.1.2.1.25.3.3.1.2
CSCwc37695	In addition to the c_rehash shell command injection identified in CVE-2022-1292
CSCwc38567	ASA/FTD may traceback and reload while executing SCH code
CSCwc40381	ASA : HTTPS traffic authentication issue with Cut-through Proxy enabled
CSCwc41661	FTD Multiple log files with zero byte size.
CSCwc44289	FTD - Traceback and reload when performing IPv4 <> IPv6 NAT translations
CSCwc45108	ASA/FTD: GTP inspection causing 9344 sized blocks leak
CSCwc45397	ASA HA - Restore in primary not remove new interface configuration done after backup
CSCwc45759	NTP logs will eventually overwrite all useful octeon kernel logs
CSCwc46569	WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 34)
CSCwc46847	FXOS partition opt_cisco_platform_logs on FP1K/FPR2K may go Full due to ucssh_*.log
CSCwc47586	vFMC upgrade 7.0.4-36 > 7.3.0-1553 failed: Error running script 200_pre/007_check_sru_install.sh
CSCwc48375	Inbound IPSEC SA stuck inactive - many inbound SPIs for one outbound SPI in "show crypto ipsec sa"
CSCwc49369	When searching IPv6 rule in the access-control policy, no result will show
CSCwc49952	Selective deploy enables interaction with SRU interdependent-policies due to FMC API timeout
CSCwc50098	show ssl-policy-config does not show the policy when countries are being used in source/dest network
CSCwc50887	FTD - Traceback and reload on NAT IPv4<>IPv6 for UDP flow redirected over CCL link
CSCwc50891	MPLS tagging removed by FTD
CSCwc52351	ASA/FTD Cluster Split Brain due to NAT with "any" and Global IP/range matching broadcast IP
CSCwc52357	Estreamer page fails to load in ASDM
CSCwc53280	ASA parser accepts incomplete network statement under OSPF process and is present in show run
CSCwc54217	syslog related to failover is not outputted in FPR2140
CSCwc54984	IKEv2 rekey - Responding Invalid SPI for the new SPI received right after Create_Child_SA response
CSCwc56048	AD username with trailing space causes download of users/groups to fail
CSCwc56952	Able to see the SLA debug logs on both console & VTY sessions even if we enable only on VTY session.
CSCwc57088	Limit the number of deployment jobs in deploy history to 50 as default to avoid slowness
CSCwc57975	Snort3 crashes during the deployment - disabling TLS Server identity
CSCwc60037	ASA fails to rekey with IPSEC ERROR: Failed to allocate an outbound hardware context
CSCwc60907	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 35)
CSCwc62144	FMC does not use proxy with authentication when accessing AMP cloud services
CSCwc62384	Vulnerabilities on Cisco FTD Captive Portal on TCP port 885
CSCwc65907	snort3 hangs in Crash handler which can lead to extended outage time during a snort crash
CSCwc66671	FMC ACP PDF report generared in blank/0 bytes using UI
CSCwc67111	Unable to bind to port 51320: Address already in use
CSCwc75061	FMC allows shell access for user name with "." but external authentication will fail
CSCwc76195	Fail-To-Wire interfaces flaps intermittently due to watchdog timeout in KP platform
CSCwc78296	Database may fail to shut down and/or start up properly during upgrade
CSCwc83037	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 36)
CSCwc88425	FMC can download only the first 10000 cross-domain user groups
CSCwc88583	Deployment fails with error Invalid Snort3IntrusionPolicy mode. Supports only inline and inline-test
CSCwc96136	CCM layer (Seq 38) WR8, LTS18, LTS21
CSCwd07558	Access Control Policy Deployments failing after upgrading to 7.0.4 on SFR Managed by ASDM
CSCwd09093	Access rule policy page takes longer time to load
CSCwd09341	Multiple log files have zero bytes on the FMC
CSCwd24072	rsc_5_min.log store location should move to a different partition

Resolved Bugs in Version 7.0.4

Table last updated: 2022-08-10

Table 8. Resolved Bugs in Version 7.0.4
Bug ID	Headline
CSCvj08826	FMC ibdata1 file might grow large in size
CSCvw82067	ASA/FTD 9344 blocks depleted due to high volume of fragmented traffic
CSCvx59252	FXOS is not rotating log files for management interface
CSCvy16004	Delay in DIFF calculations can cause deployment issues and HA App sync timeout in FTDs
CSCvy50598	BGP table not removing connected route when interface goes down
CSCvy67765	FTD VTI reports TUNNEL_SRC_IS_UP false despite source interface is up/up and working
CSCvy73130	FP4100 platform: Active-Standby changed to dual Active after running "show conn" command
CSCvy99348	Shutdown command reboots instead of shutting the FP1k device down.
CSCvz36903	ASA traceback and reload while allocating a new block for cluster keepalive packet
CSCvz60142	ASA/FTD stops serving SSL connections
CSCvz68713	PLR license reservation for ASAv5 is requesting ASAv10
CSCvz69729	Unstable client processes may cause LINA zmqio traceback on FTD
CSCvz70539	Loggerd process is getting killed due to OOM under high logging rate
CSCwa00038	Disk corruption occurs when /mnt/disk0 partition is full and blade is rebooted
CSCwa03732	Deployment gets hung at snapshot generation phase during deploy or causes deploy slowness
CSCwa08640	MonetDB crashing due to file size error
CSCwa21061	FTD upgrade fails on 800_post/100_ftd_onbox_data_import.sh
CSCwa32628	SFDataCorrelator crash at AddFileToPendingHash() due to race condition
CSCwa42350	ASA installation/upgrade fails due to internal error "Available resources not updated by module"
CSCwa43311	Snort blocking and dropping packet, with bigger size(1G) file download
CSCwa43475	ASA SNMPd traceback in netsnmp_subtree_split
CSCwa45656	SLR license application failes on manged devices
CSCwa48169	ASA/FTD traceback and reload on netsnmp_handler_check_cache function
CSCwa59907	LINA observed traceback on thread name "snmp_client_callback_thread"
CSCwa61361	ASAv traceback when SD_WAN ACL enabled, then disabled (or vice-versa) in PBR
CSCwa62025	IPv6: Some of egress interfaces of global and user vrf routes are missing in asp table
CSCwa68552	All type-8 passwords are lost upon upgrade from ASA 9.12-9.15 to 9.16, failover gets disabled
CSCwa72530	FTD: Time gap/mismatch seen when new node joins a Cluster Control node under history
CSCwa73172	ASA reload and traceback in Thread Name: PIX Garbage Collector
CSCwa76621	Memory Usage Warnings - System memory leak caused by run_hm.pl
CSCwa85340	Unable to generate the PDF with access policy having large nested objects
CSCwa86210	When PM disables mysqld, sometimes it is taking longer than expected to fully shutdown.
CSCwa90615	WR8 and LTS18 commit id update in CCM layer (seq 24)
CSCwa95079	ASA/FTD Traceback and reload due to NAT configuration
CSCwa95694	Snort cores generated intermittently when SSL policy is enabled on the ASA-SFR module
CSCwa97910	Connection event report displays the same device twice
CSCwa97917	ISA3000 in boot loop after powercycle
CSCwa99931	ASA/FTD: Tuning of update_mem_reference process
CSCwb01633	FXOS misses logs to diagnose root cause of module show-tech file generation failure
CSCwb02060	snmp-group host with Invalid host range and subnet causing traceback and reload
CSCwb02316	"Non stop forwarding not supported on '1'" error while configuring MAC address
CSCwb05291	Cisco ASDM and ASA Software Client-side Arbitrary Code Execution Vulnerability
CSCwb06543	Increase logging level to diagnose LACP process unexpected restart events
CSCwb06847	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-9-11543'
CSCwb07319	Entitlement tags contain invalid character.
CSCwb07908	Standby FTD/ASA sends DNS queries with source IP of 0.0.0.0
CSCwb07981	Traceback: Standby FTD reboots and generates crashinfo and lina core on thread name cli_xml_server
CSCwb08393	SSL policy deploy failing from FMC: Timeout waiting for snort detection engines to process traffic
CSCwb08644	ASA/FTD traceback and reload at IKEv2 from Scaled S2S+AC-DTLS+SNMP long duration test
CSCwb12465	FIPS self-tests must be run when CC mode is enabled - files are missing
CSCwb13294	WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 25)
CSCwb16920	CPU profile cannot be reactivated even if previously active memory tracking is disabled
CSCwb17187	SNMP cores are generated every minute while running snmpwalk on HA
CSCwb17963	Unable to identify dynamic rate liming mechanism & not following msg limit per/sec at syslog server.
CSCwb19648	SNMP queries for crasLocalAddress are not returning the assigned IPs for SSL/DTLS tunnels.
CSCwb19664	Malware Block false positives triggered after upgrade to version 7.0.1
CSCwb22359	Portmanager/LACP improvement to avoid false restarts and increase of logging events
CSCwb24039	ASA traceback and reload on routing
CSCwb24101	Loggerd syslog has stray incorrect timestamps, e.g. well before FirstPacketSecond
CSCwb25809	Single Pass - Traceback due to stale ifc
CSCwb28047	FMC - "Receiving thread exited with an exception: stoi" causing pxGrid to flap
CSCwb31699	Primary takes active role after reload
CSCwb32841	NAT (any,any) statements in-states the failover interface and resulting on Split Brain events
CSCwb40001	Long delays when executing SNMP commands
CSCwb41361	WR8, LTS18 and LTS21 commit id update in CCM layer (seq 26)
CSCwb43018	Implement SNP API to check ifc and ip belongs to HA LU or CMD interface
CSCwb46949	LTS18 commit id update in CCM layer (seq 27)
CSCwb49416	ASA snmpd Traceback & cores on an active unit
CSCwb50405	ASA/FTD Traceback in crypto hash function
CSCwb51707	ASA Traceback and reload in process name: lina
CSCwb53172	FTD: IKEv2 tunnels flaps every 24 hours and crypto archives are generated
CSCwb53191	Certificate validation fails post upgrade to 9.17.1
CSCwb53328	ASA/FTD Traceback and reload caused by Smart Call Home process sch_dispatch_to_url
CSCwb54791	ASA DHCP server fails to bind reserved address to Linux devices
CSCwb57615	Configuring pbr access-list with line number failed.
CSCwb59465	ASA/FTD may traceback (watchdog) and reload when generating a syslog from the VPN Failover subsystem
CSCwb59488	ASA/FTD Traceback in memory allocation failed
CSCwb67040	FP4112\|4115 Traceback & reload on Thread Name: netfs_thread_init
CSCwb68642	ASA traceback in Thread Name: SXP CORE
CSCwb71460	ASA traceback in Thread Name: fover_parse and triggered by snmp related functions
CSCwb73248	FW traceback in timer infra / netflow timer
CSCwb74357	FXOS is not rotating log files for partition opt_cisco_platform_logs
CSCwb74571	PBR not working on ASA routed mode with zone-members
CSCwb79812	RIP is advertising all connected Anyconnect users and not matching route-map for redistribution
CSCwb80559	FTD offloads SGT tagged packets although it should not
CSCwb80862	ASA/FTD proxy arps any traffic when using the built-in 'any' object in translated destination
CSCwb82796	ASA/FTD firewall may traceback and reload when tearing down IKE tunnels
CSCwb83388	ASA HA Active/standby tracebacks seen approximately every two months.
CSCwb83691	ASA/FTD traceback and reload due to the initiated capture from FMC
CSCwb84638	Portmanager/LACP improvement to capture logging events on external event restarts
CSCwb85633	Snmpwalk output of memory does not match show memory/show memory detail
CSCwb86118	TPK ASA: Device might get stuck on ftp copy to disk
CSCwb87498	Lina traceback and reload during EIGRP route update processing.
CSCwb88651	Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwb89004	FMC DBcheck.pl hungs at "Checking mysql.rna_flow_stats_template against the current schema"
CSCwb90074	ASA: Multiple Context Mixed Mode SFR Redirection Validation
CSCwb90532	ASA/FTD traceback and reload on NAT related function nat_policy_find_location
CSCwb92583	upgrade with a large amount of unmonitored disk space used can cause failed upgrade and hung device
CSCwb92709	We can't monitor the interface via "snmpwalk" once interface is removed from context.
CSCwb93932	ASA/FTD traceback and reload with timer services assertion
CSCwb94190	ASA graceful shut down when applying ACL's with forward reference feature and FIPS enabled.
CSCwb94312	Unable to apply SSH settings to ASA version 9.16 or later
CSCwb97251	ASA/FTD may traceback and reload in Thread Name 'ssh'
CSCwc02416	Not re-subscribing to ISE topics after certain ISE connectivity issues.
CSCwc02488	ASA/FTD may traceback and reload in Thread Name 'None'
CSCwc02700	Fragmented packets are dropped when unit leaves cluster
CSCwc03069	Interface internal data0/0 is up/up from cli but up/down from SNMP polling
CSCwc08676	WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 32)
CSCwc09414	ASA/FTD may traceback and reload in Thread Name 'ci/console'
CSCwc10483	ASA/FTD - Traceback in Thread Name: appAgent_subscribe_nd_thread
CSCwc10792	ASA/FTD IPSEC debugs missing reason for change of peer address and timer delete
CSCwc11597	ASA tracebacks after SFR was upgraded to 6.7.0.3
CSCwc11663	ASA traceback and reload when modifying DNS inspection policy via CSM or CLI
CSCwc13017	FTD/ASA traceback and reload at at ../inspect/proxy.h:439
CSCwc13382	DCERPC traffic is dropped after upgrade to snort3 due to Parent flow is closed
CSCwc13994	ASA - Restore not remove the new configuration for an interface setup after backup
CSCwc18218	Database files on disk grow larger than expected for some frequently updated tables
CSCwc18312	"show nat pool cluster" commands run within EEM scripts lead to traceback and reload
CSCwc23695	ASA/FTD can not parse UPN from SAN field of user's certificate
CSCwc24906	ASA/FTD traceback and reload on Thread id: 1637
CSCwc27797	ASA mgmt ip cannot be released
CSCwc28334	Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwc28532	9344 Block leak due to fragmented GRE traffic over inline-set interface inner-flow processing
CSCwc32246	NAT64 translates all IPv6 Address to 0.0.0.0/0 when object subnet 0.0.0.0 0.0.0.0 is used
CSCwc41590	Upgrade fail & App Instance fail to start with err "CSP_OP_ERROR. CSP signature verification error."
CSCwc53680	MonetDB crashing due to file size error (7.2.0-7.4.0)

Resolved Bugs in Version 7.0.3

Table last updated: 2022-06-30

Table 9. Resolved Bugs in Version 7.0.3
Bug ID	Headline
CSCwa65014	Cloud-managed 7.0.3 device support for 7.2 FMC eventing
CSCwa75204	SNORT3 Certsize 16k traffic failing on 2100 with all SSL rules
CSCwa98690	AWS FTDv AutoScale_layer.zip file is using vulnerable pycrypto 2.x toolkit
CSCwb93932	ASA/FTD traceback and reload with timer services assertion

Resolved Bugs in Version 7.0.2.1

Table last updated: 2022-06-27

Table 10. Resolved Bugs in Version 7.0.2.1
Bug ID	Headline
CSCwb93932	ASA/FTD traceback and reload with timer services assertion

Resolved Bugs in Version 7.0.2

Table last updated: 2022-05-05

Table 11. Resolved Bugs in Version 7.0.2
Bug ID	Headline
CSCvt68055	snmpd is respawning frequently on fxos for FP21xx device
CSCvy82668	SSH session not being released
CSCvy64145	WR6 and WR8 commit id update in CCM layer(sprint 113, seq 12)
CSCvt15348	ASA show processes cpu-usage output is misleading on multi-core platforms
CSCvy72841	Firepower 1K FTD sends LLDP packets with internal MAC address of eth2 interface
CSCvz80981	SNMPv3 doesn't work for SFR modules running version 7.0
CSCvy08351	Intrusion and Correlation Email Alerts stop being sent to mail server
CSCvz66474	Snmpd core files generated on FTD
CSCvx75683	The 'show cluster info trace' output is overwhelmed by 'tag does not exist' messages
CSCvz25434	ASA/FTD blackholes traffic due to 1550 block depletion when BVI is configured as DHCP client
CSCwa45799	High CPU on FXOS due to bcm_usd process
CSCwa18889	Clock drift observed between Lina and FXOS on multi-instance
CSCvy99217	IKEv2: SA Error code should be translated to human friendly reason
CSCvz00961	AnyConnect connection failure related to ASA truncated/corrupt config
CSCvz36905	If we add v6 route same as V route , duplicate entry is getting created.
CSCwa58060	LSP download fails if no ICMP reply is received from updates-talos.sco.cisco.com
CSCvz03524	PKI "OCSP revocation check" failing due to sha256 request instead of sha1
CSCwa74900	Traceback and reload after enabling debug webvpn cifs 255
CSCvz29233	ASA: ARP entries from custom context not removed when an interface flap occurs on system context
CSCvy35416	Deploy failure from global domain when parallel deploy triggered to different child domains
CSCvy99218	VDB Version shouldn't be update if fails
CSCvz81888	NTP will not change to *(synced) status after upgrade to asa-9.15.1/9.16.1.28 from asa-9.14.3
CSCvx66329	FTD Hotfix Cisco_FTD_SSP_FP2K_Hotfix_O installation fails on script 000_start/125_verify_bundle.sh
CSCvz75988	Inconsistent logging timestamp with RFC5424 enabled
CSCvz52199	Increase precision of ASA VPN load-balancing algorithm
CSCvz48407	Traceback and reload in Thread Name: DATAPATH-15-18621
CSCvz05687	Fragmented Certificate request failed for DND flow
CSCwa96759	Lina may traceback and reload on tcpmod_proxy_handle_mixed_mode
CSCvz90722	With object-group in crypto ACL sum of hitcnt mismatches with the individual elements
CSCvz59950	IKEv2 Crash from scaled long duration test on KP-FPR2130
CSCvz38332	FTD/ASA - Stuck in boot loop after upgrade from 9.14.2.15 to 9.14.3
CSCvz55140	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 117, seq 17)
CSCwa58686	ASA/FTD Change in OGS compilation behavior causing boot loop
CSCvz43455	ASAv observed traceback while upgrading hostscan
CSCvz20679	FTDv - Lina Traceback and reload
CSCvz60578	Cluster unit in MASTER_POST_CONFIG state should transition to Disabled state after an interva
CSCvz59464	IPReputation Feed Error Message-Method Not Allowed
CSCvy31424	QP FTD application fails to start due to outdated affinity.conf following FXOS/FTD upgrade
CSCvz79930	Snort3 .dmp and crashinfo files are not managed by diskmanager
CSCvy89144	Cisco ASA and FTD Web Services Denial of Service Vulnerability
CSCwa19713	Traffic dropped by ASA configured with BVI interfaces due to asp drop type "no-adjacency"
CSCvz70958	High Control Plane CPU on StandBy due to dhcpp_add_ipl_stby
CSCvz61689	Port-channel member interfaces are lost and status is down after software upgrade
CSCvz92016	Cisco ASA and FTD Software Web Services Interface Privilege Escalation Vulnerability
CSCvz34831	If ASA fails to download DACL it will never stop trying
CSCvz90375	Low available DMA memory on ASA 9.14 at boot reduces AnyConnect sessions supported
CSCvy40401	L2L VPN session bringup fails when using NULL encryption in ipsec configuration
CSCwa76822	Tune throttling flow control on syslog-ng destinations
CSCvz33468	ASA/FTD - NAT stops translating source addresses after changes to object-groups in manual NAT Rule
CSCwa11186	Mask sensitive information in aaa ldap debugs
CSCvz00383	FTD lina traceback and reload in thread Name Checkheaps
CSCvy17030	FMC Connection Events page "Error: Unable to process this query. Please contact support."
CSCvx97053	Unable to configure ipv6 address/prefix to same interface and network in different context
CSCvx24470	FTD/FDM: RA VPN sessions disconnected after every deployment if custom port for RA VPN is configured
CSCwa05385	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 124, seq 19)
CSCvz96440	FMC should not create archival for NGIPS devices
CSCwa68660	FTP inspection stops working properly after upgrading the ASA to 9.12.4.x
CSCvy98027	Application interface down whereas physical interface Up on FXOS
CSCvx95652	ASAv Azure: Some or all interfaces might stop passing traffic after a certain period of run time
CSCvz73146	FTD - Traceback in Thread Name: DATAPATH
CSCwa87597	ASA/FTD Failover: Joining Standby reboots when receiving configuration replication from Active mate
CSCwb01919	FP2140 ASA 9.16.2 HA units traceback and reload at lua_getinfo (getfuncname)
CSCvy96895	ASA disconnects the VTY session using of Active IP address and Standby MAC address after failed over
CSCwa55878	FTD Service Module Failure: False alarm of "ND may have gone down"
CSCwa14725	ASA/FTD traceback and reload on IKE Daemon Thread
CSCvy35737	FTD traceback and reload during anyconnect package verification
CSCvz91218	Statelink hello messages dropped on Standby unit due to interface ring drops on high rate traffic
CSCwa20758	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 124, seq 20)
CSCwa67882	Offloaded GRE tunnels may be silently un-offloaded and punted back to CPU
CSCwa67884	Conditional flow-offload debugging produces no output
CSCwa97784	ASA: Jumbo sized packets are not fragmented over the L2TP tunnel
CSCwa29956	"Interface configuration has changed on device" message may be shown after FTD upgrade
CSCwa60574	ASA traceback and reload on snp_ha_trans_alloc_msg_muxbuf_space function
CSCwa89243	SNMP no longer responds to polls after upgrade to 9.15.1.17
CSCvz30582	Cisco Firepower Management Center Cross-site Scripting Vulnerability
CSCwa04461	Cisco ASA Software and FTD Software Remote Access SSL VPN Denial of Service
CSCwa30114	"Error:NAT unable to reserve ports" when using a range of ports in an object service
CSCvy80030	ENH: Addition of "show coredump filesystem" to "show tech" output
CSCwa39680	Snort stops processing packets when SSL decryption debug enabled - Snort2
CSCvy96803	ASA/FTD traceback and reload in Process Name "lina" or "snmp_alarm_thread"
CSCvz34149	Update the new location of /opt/cisco/platfom/logs/var/log/messages
CSCvo77184	VMware ASAv should default to vmxnet3, not e1000
CSCvx92932	Missing events on FMC due to SFDataCorrelator process exiting
CSCwa79980	SNMP get command in FPR does not show interface index.
CSCvz38976	7.1/Firepower Threat Defense device occasionally unable to pass large packets/Fragmentation failures
CSCvz64470	ASA/FTD Traceback and reload due to memory corruption when generating ICMP unreachable message
CSCwb34035	ASA CLI gets hung randomly while configuring SNMP
CSCvz00032	Cisco Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability
CSCvu23149	Backup generation in FMC fails due to corrupt SID_GID_ORD index in database table rule_opts
CSCwa57115	New access-list are not taking effect after removing non-existance ACL with objects.
CSCvz37306	ASDM session is not served for new user after doing multiple context switches in existing user
CSCwa53489	Lina Traceback and Reload Due to invalid memory access while accessing Hash Table
CSCvy98458	FP21xx -traceback "Panic:DATAPATH-10-xxxx -remove_mem_from_head: Error - found a bad header"
CSCvy52924	FTD loses OSPF network statements config for all VRF instances upon reboot
CSCvz92932	ASA show tech execution causing spike on CPU and impacting to IKEv2 sessions
CSCvz44339	FTD - Deployment will fail if you try to delete an SNMP host with ngfw-interface and host-group
CSCwa40223	Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
CSCvy47108	Remote Access IKEv2 VPN session cannot be established because of stuck Uauth entry
CSCvy86780	Error Could not complete LSP installation. Please try again.
CSCvz57710	conf t is converted to disk0:/t under context-config mode
CSCvz14377	Losing admin and other users from Mysql DB and EO
CSCvz89126	ASDM session/quota count mismatch in ASA when multiple context switchover is done from ASDM
CSCvy78209	Getting Snort High CPU alerts but top.log is not showing high CPU
CSCwa19443	Flow Offload - Compare state values remains in error state for longer periods
CSCvy91668	PAT pool exhaustion with stickiness traffic could lead to new connection drop.
CSCwa70008	Expired certs cause Security Intelligence updates to fail
CSCvz81480	IV in the outbound pkt is not updated on Nitrox V platforms when GCM is used for IPsec
CSCvx70480	403 error when accessing Policies -> Access Control after exporting User Role from FMC(4600) to FMCv
CSCwa18795	Crash at "thread: Unicorn Proxy Thread cpu: 7 watchdog_cycles" from Scaled AC-SSL TVM Profle test
CSCvz67816	IPV6 DNS PTR query getting modified on FTD
CSCvy96698	Resolve spurious status actions checking speed values twice in FXOS portmgr
CSCvs85607	FXOS login breaks when log partition gets full
CSCwb18252	FTD/ASA: Traceback on BFD function causing unexpected reboot
CSCvz02076	Snort reload times out causing restart
CSCvz44645	FTD may traceback and reload in Thread Name 'lina'
CSCwa79676	FPR1010 in HA Printing Broadcast Storm Alerts for Multiple Interfaces
CSCvy24921	SNMPv3 - SNMP EngineID changes after every configuration change
CSCvz36933	Sensor SNMP process may restart when policy deploy
CSCvz86796	Crash in thread CMP when doing CMPV2 enrollment
CSCvz70316	LINA may generate traceback and reload
CSCwa60300	axios 0.21.1
CSCvy30392	Backup generation on FMC fails due to corrupt int_id index in table ids_event_msg_map
CSCvz55849	FTD Traceback and Reload on process LINA
CSCvz61160	ASA traceback on DATAPATH when handling ICMP error message
CSCvx43150	On the FMC, process of registration of member device post RMA is not successful
CSCwa91090	SSL handshake logging showing unknown session during AnyConnect TLSv1.2 Session establishment
CSCvz43848	TID source stuck at parsing state
CSCvz61767	Policy deployment with SNMPv2 or SNMPv1 configuration fails
CSCvz69571	ASA log shows wrong value of the transferred data after the anyconnect session terminated.
CSCwa51862	LSP downloads fail when using proxy
CSCwa31373	duplicate ACP rules are generated on FMC 6.6.5 after rule copy.
CSCwa65389	ASA traceback and reload in Unicorn Admin Handler when change interface configuration via ASDM
CSCwa32286	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 125, seq 21)
CSCwa08262	AnyConnect users with mapped group-policies take attributes from default GP under the tunnel-group
CSCvy96625	Roll back changes introduced by CSCvr33428 and CSCvy39659
CSCwa36678	Random FTD reloads with the traceback during deployment from FMC
CSCvz50712	TLS server discovery uses incorrect source IP address for probes in AnyConnect deployment
CSCwa41918	ssl inspection may have unexpected behavior when evicting certificates
CSCwa36672	ASA on FPR4100 traceback and reload when running captures using ASDM
CSCvz64548	SFTunnel on device not processing event messages
CSCvy93480	Cisco ASA and FTD Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability
CSCvy43002	Observed crash while running SNMPWalk + S2S-IKEv2 and AnyConnect TVM Profiles
CSCwa46963	Security: CVE-2021-44228 -> Log4j 2 Vulnerability
CSCvy74984	ASAv on Azure loses connectivity to Metadata server once default outside route is used
CSCvv36788	MsgLayer[PID]: Error : Msglyr::ZMQWrapper::registerSender() : Failed to bind ZeroMQ Socket
CSCvy97080	Snort3 unexpected restart while proccessing SMB traffic
CSCwa67145	Realm download fails if one of the groups is deleted on the AD
CSCvz77744	OSPFv3: FTD Wrong "Forwarding address" added in ospfv3 database
CSCvz17923	Dispatcher doesn't account for asynclock pend q work under some conditions result lower cpu util
CSCvx67851	PLR on FDM for ISA3000
CSCwa56449	ASA traceback in HTTP cli EXEC code
CSCvz77662	Crash at data-path from Scaled AC-SSL TVM Profile test.
CSCwb09219	ASA/FTD: OCSP may fail to work after upgrade due to "signer certificate not found"
CSCvz84850	ASA/FTD traceback and reload caused by "timer services" function
CSCwa42594	ASA: IP Header check validation failure when GTP Header have SEQ and EXT field
CSCwa40312	Standby ASA unit showing wrong IPV6 messages
CSCwa88571	Unable to register FMC with the Smart Portal
CSCvk62945	ASA: Syslog 317007 not found error received
CSCvz38692	ASAv traceback in snmp_master_callback_thread and reload
CSCwa50145	FPR8000 sensor UI login creates shell user with basic privileges
CSCvz08387	ASP drop capture output may display incorrect drop reason
CSCvy35352	Error handling for Suppression settings needed in certain conditions
CSCvy69453	WM Standby device do not send out coldstart trap after reboot.
CSCwa02929	FTD Blocks Traffic with SSL Flow Error CORRUPT_MESSAGE
CSCvz89545	SSL VPN performance degraded and significant stability issues after upgrade
CSCvz24765	device rebooted with snmpd core
CSCvz07614	ASA: Orphaned SSH session not allowing us to delete a policy-map from CLI
CSCvy40482	9.14MR3: snmpwalk got failed with [Errno 146] Connection refused error.
CSCvz02425	Deployment failing due to NPE while reading policy names
CSCvz28103	FDM: Saving DHCP relay config throws flex-config/smart CLI error
CSCvz01604	ASA High CPU (100%) when testing DDoS under 100K CPS rate despite fix introduced by CSCvx82503
CSCvu96436	Traceback of master and one slave when a particular lock is contended for long
CSCvy79952	ASA/FTD traceback and reload after downgrade
CSCvx80830	VPN conn fails from same user if Radius server sends a dACL and vpn-simultaneous-logins is set to 1
CSCvy39791	Lina traceback and core file size is beyond 40G and compression fails.
CSCvy64911	Debugs for: SNMP MIB value for crasLocalAddress is not showing the IP address
CSCwa68805	FTD Traceback & reload during HA creation
CSCvz71064	Deleting The Context From ASA taking Almost 2 Minutes with ikev2 tunnel
CSCvz40352	ASA traffic dropped by Implicit ACL despite the fact of explicit rules present on Access-list
CSCvz86256	Primary ASA should send GARP as soon as split-brain is detected and peer becomes cold standby
CSCvy34333	When ASA upgrade fails, version status is desynched between platform and application
CSCvz72771	ASA/FTD may traceback and reload. "c_assert_cond_terminate" in stack trace
CSCvw37191	FXOS SNMPv3 Engine ID changes after reboot
CSCwa34287	ASA: Loss of NTP sync following a reload after upgrade
CSCvz83432	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 121, seq 18)
CSCwa31508	Continuous deployment failure on QW-4145 device
CSCvz81342	Diskmanager not pruning AMP File Capture files
CSCvy60831	ASA/FTD Memory block location not updating for fragmented packets in data-path
CSCvz67003	ASDM session count and quota management's count mismatch. 'Lost connection firewall' msg in ASDM
CSCvz67001	FMC Event backups to remote SSH storage targets fail
CSCvz47709	[IMS_7_1_0] DeployACPolicyPostUpgrade at Upgrade FMC 7.1.0 - 2022
CSCvz23157	SNMP agent restarts when show commands are issued
CSCwa96327	Incorrect ifHighSpeed value for a interfaces that are port channel members
CSCvw29647	FTD: NAS-IP-Address:0.0.0.0 in Radius Request packet as network interface for aaa-server not defined
CSCvz61658	CPU hogs in update_mem_reference
CSCvy78525	VRF route lookup for TCP ping is missing
CSCvz82562	ASA/FTD: site-to-site VPN - traffic incorrectly fragmented
CSCvy56395	ASA traceback and reload due to snmp encrypted community string when key config is present
CSCwa79494	Traffic keep failing on Hub when IPSec tunnel from Spoke flaps
CSCvz88149	Lina traceback and reload during block free causing FTD boot loop
CSCvy89658	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 114, seq 13)
CSCvz38361	BGP packets dropped for non directly connected neighbors
CSCvx14489	snmpwalk fails on ipv6 interface post a failover
CSCwa90408	Crash on SSH SCP from long duration test.
CSCvz58710	ASA traceback due to SCTP traffic.
CSCvy55439	FTDv throughput degredation due to frequent PDTS read/write
CSCvy08972	Event Database runs into utf8 error causing pause in processing of events
CSCwa35200	Some syslogs for AnyConnect SSL are generated in admin context instead of user context
CSCvi58484	Cluster: ping sourced from FTD/ASA to external IPs may if reply lands on different cluster unit
CSCvz30558	Cisco Firepower Management Center Cross-site Scripting Vulnerability
CSCwa69303	ASA running on SSP platform generate critical error "[FSM:FAILED]: sam:dme:MgmtIfSwMgmtOobIfConfig"
CSCwb42846	Snort instance CPU stuck at 100%
CSCvy73585	FMC should not allow to configure port-channel ID higher than 8 on FPR1010
CSCvz95108	FTD Deployment failure post upgrade due to major version change on device
CSCwa38277	ASA NAT66 with big range as a pool don't works with IPv6
CSCvy33501	FDM failover pair - new configured sVTI IPSEC SA is not synced to standby. FDM shows HA not in sync
CSCvy21334	Active tries to send CoA update to Standby in case of "No Switchover"
CSCvz20544	ASA/FTD may traceback and reload in loop processing Anyconnect profile
CSCvz61431	"Netsnmp_update_ma_config: ERROR Failed to build req"messages seen during cluster configuration sync
CSCvv43190	Crypto engine errors when GRE header protocol field doesn't match protocol field in inner ip header
CSCvy04430	Management Sessions fail to connect after several weeks
CSCvy95329	Incorrect Access rule matching because of ac rule entry missing
CSCvy04343	ASA in PLR mode,"license smart reservation" is failing.
CSCwa25033	Unexpected HTTP/2 data frame causing segfault
CSCvz53884	SNMP OID HOST-RESOURCES-MIB (1.3.6.1.2.1.25) does not exist on FMC
CSCwb01700	ASA: SSH and ASDM sessions stuck in CLOSE_WAIT causing lack of MGMT for the ASA
CSCvz55395	TCP connections are cleared after configured idle-timeout even though traffic is present
CSCvx36885	ASA reload and traceback in DATAPATH
CSCvz05468	Multiple SSH host entries in platform settings as first feature enable/deploy will break SSH on LINA
CSCvz95949	FP1120 9.14.3 : temporary split brain happened after active device reboot
CSCvz65181	Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerabilit
CSCwa98684	Console has an excessive rate of warnings during policy deployment
CSCvy10789	FTD 2110 ascii characters are disallowed in LDAP password
CSCvz12494	In FPR2100,after power off/on,the fxos version is mismatched with asa version.
CSCvz62578	Cannot edit or move AC rules for SFR module in Administrator rules section in ASDM
CSCwa26353	snort3 - Policy does not become dirty after updating LSP -when only custom intrusion policies in use
CSCvz55302	FTD/ASA Traceback and reload due to SSL null checks under low memory conditions
CSCwa85043	Traceback: ASA/FTD may traceback and reload in Thread Name 'Logger'
CSCvz39646	ASA/AnyConnect - Stale RADIUS sessions
CSCwa13873	ASA Failover Split Brain caused by delay on state transition after "failover active" command run
CSCvz85437	FTD 25G, 40G and 100G interfaces down after upgrade of FXOS and FTD to 2.10.1.159 and 6.6.4
CSCvv48942	Snmpwalk showing traffic counter as 0 for failover interface
CSCvy74781	The standby device is sending the keep alive messages for ssl traffic after the failover
CSCwa36661	Traffic is not hitting on some egress interfaces of user vrf due to routes missing in asp table
CSCvz69699	Unable to access UI of FMC integrated with ISE using PxGrid
CSCwa33364	FTD misleading OVER_SUBSCRIBED flow flag for mid-stream flow-issue seen on MR branches
CSCwa11052	SNMP Stopped Responding After Upgrading to Version- 9.14(2)15
CSCwa48849	ssl unexpected behavior with resumed sessions
CSCwa56975	DHCP Offer not seen on control plane
CSCvy78573	cloudagent should not send zero-length urls to beaker for lookup
CSCvz58376	Snort down after deploying the policy
CSCvz36862	FMC policy deployment takes more than 15 min on phase 3
CSCvw65324	mserver core on buildout FMC caused by concurrent merge table queries
CSCvy58268	Block 80 and 256 exhaustion snapshots are not created
CSCvx79526	Cisco ASA and FTD Software Resource Exhaustion Denial of Service Vulnerability
CSCvz93407	IPS policy with space in name becomes unusable after upgrade
CSCwa36889	FTD management interface programming is broken in FXOS
CSCvu18510	MonetDB's eventdb crash causes loss of connection events on FMC
CSCvz53993	Random packet block by Snort in SSL flow
CSCvz53142	ASA does not use the interface specified in the name-server command to reach IPv6 DNS servers
CSCvz00934	Not able to configure VTI with tunnel source as (FMC Access) data-interface
CSCwa40719	Traceback: Secondary firewall reloading in Threadname: fover_parse
CSCvy35948	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 111, seq 11)
CSCwa17918	Unable to uncheck option Always advertise the default route for OSPF
CSCwa55418	multiple db folders current-policy-bundle after deployment with anyconnect package before upgrade
CSCvz35787	FTD misleading OVER_SUBSCRIBED flow flag for mid-stream flow
CSCvz15676	In Firepower 1010 device, after upgrading ASA app, device going for fail safe mode
CSCvz70595	Traceback observed on ASA while handling SAML handler
CSCvy90836	ASA Traceback and reload in Thread Name: SNMP ContextThread
CSCvz78816	ASA disconnects the ssh, https session using of Active IP address and Standby MAC address after FO
CSCvz30933	ASA tracebacks and reload when clear configure snmp-server command is issued
CSCvz96462	IP Address 'in use' though no VPN sessions
CSCvz94573	MIO heartbeat failure caused by heartbeat dropped by delay
CSCwa14485	Cisco Firepower Threat Defense Software Denial of Service Vulnerability
CSCwa33898	Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow Vulnerability
CSCvy19170	SAML: Memory leaks observed for AnyConnect IKEv2
CSCwa99932	ASA/FTD stuck after crash and reboot
CSCvz89327	OSPFv2 flow missing cluster centralized "c" flag
CSCwa03347	IPv6 PIM packets are dropped in ASP with invalid-ip-length drop reason
CSCvz05541	ASA55XX: Expansion module interfaces not coming up after a software upgrade
CSCwa34110	FMC should support southern hemisphere DST configurations
CSCvy90162	Seen crash related to watchdog bark at Unicorn Proxy Thread from scaled AC-SSL-SAML Auth TVM profile
CSCvz71569	FTD Traceback & reload due to process ZeroMQ out of memory condition
CSCvz25454	ASA: Drop reason is missing from 129 lines of asp-drop capture
CSCvz68336	SSL decryption not working due to single connection on multiple in-line pairs
CSCvy37484	Entries in device_policy_ref is huge causing slow performance when opening DeviceManagement page
CSCvz41761	FMC Does not allow to create an EIGRP authentication secret key using the $ character
CSCvq29993	FPR2100 ONLY - PERMANENT block leak of size 80, 256, and 1550 memory blocks & blackholes traffic
CSCwa76564	ASDM session/quota count mismatch in ASA when multiple context switch before and after failover
CSCvz05189	FTD reload with Lina traceback during xlate replication in Cluster
CSCwa87315	ASA/FTD may traceback and reload in Thread Name 'IP Address Assign'
CSCvc57575	ISIS:Invalid ISIS debugs displayed while deleting context.
CSCvy32366	After upgrading ASA to 9.15(1)10, ASDM 7.15(1)150 One Time Password (OTP) field does not appear
CSCvw62288	ASA: 256 byte block depletion when syslog rate is high
CSCvy60574	Port dcosAG leak fix CSCvx14602 to KP/WM
CSCvz00699	Traceback in webvpn and reload experienced periodically after ASA upgrade
CSCvz66795	ASA traceback and reload in SSH process when executing the command "show access-list"
CSCvz09109	Cluster CCL interface capture shows full packets although headers-only is configured
CSCwa28822	FTD moving UI management from FDM to FMC causes traffic to fail
CSCvz51258	show tech-support output can be confusing when there crashinfo, need to clean up/make more intuitive
CSCwa26038	ICMP inspection causes packet drops that are not logged appropriately
CSCwb15795	Audit message not generated by: no logging enable from ASAv9.12
CSCvz09106	Cisco ASA and FTD Software SSL VPN Denial of Service Vulnerability
CSCvy41763	Cisco Firepower Threat Defense Software XML Injection Vulnerability
CSCwa41834	ASA/FTD traceback and reload due to pix_startup_thread
CSCvy89648	ma_ctx files with '.backup' extension seen after applying the workaround for CSCvx29429
CSCvz02398	Crypto archive generated with SE ring timeout on 7.0
CSCvz76746	While implementing management tunnel a user can use open connect to bypass anyconnect.
CSCvz76745	SFDataCorrelator memory growth with cloud-based malware events
CSCvz91618	KP - traceback observed when add and remove snmp host-group
CSCvz99222	Clear and show conn for inline-set is not working
CSCvy53461	RSA keys & Certs get removed post reload on WS-SVC-ASA-SM1-K7 with ASA code 9.12.x
CSCvy75724	ZMQ OOM due to less Msglyr pool memory in low end platforms
CSCvz05767	FP-1010 HA link goes down or New hosts unable to connect to the device
CSCwa28895	FTD SSL Proxy should allow configurable or dynamic maximum TCP window size
CSCvz06652	snmpd corefiles noticed on SNMP longevity setup
CSCvz50922	FPR2100: Unable to form L2L VPN tunnels when using ESP-Null encryption
CSCvz95743	Loss of NTP sync following an upgrade
CSCvz77037	FMC user interface access may fail with SSL errors in mojo-server
CSCvy96325	FTD/ASA: Adding new ACE entries to ACP causes removal and re-add of ACE elements in LINA
CSCwa69376	under stress, getting bus error in snmp_logging.c:1303
CSCwa53088	snort 2 ssl-debug files may not be written
CSCvx81447	The dnsproxy log messages are displayed continuously on the ASA
CSCwa39683	log file flooded by ssl_policy log_error messages when ssl debug is enabled
CSCvy58697	ssl shared cache process can leak memory
CSCvz24238	CiscoÂ Firepower Management Center Cross-site Scripting Vulnerability
CSCwa15185	ASA/FTD: remove unwanted process call from LUA
CSCvw56551	ASA displays cosmetic NAT warning message when making the interface config changes
CSCvz76848	FTD traceback and reload when using DTLS1.2 on RA tunnels
CSCvz76966	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DNS DoS
CSCvz15529	ASA traceback and reload thread name: Datapath
CSCvy57905	VTI tunnel interface stays down post reload on KP/WM platform in HA
CSCwa27822	Lina process remains in started status after a major FTD upgrade to 6.7 or 7.0
CSCvy33676	UN-NAT created on FTD once a prior dynamic xlate is created
CSCvz30333	FTD/Lina may traceback when "show capture" command is executed
CSCwa21016	Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability
CSCvy82655	REST API - Bulk AC rules creation fails with 422 Unprocessable Entity
CSCwb00595	Mempool_DMA allocation issue / memory leakage
CSCwa85138	Multiple issues with transactional commit diagnostics
CSCwa51241	Switch detected unknown MAC address from FPR1140 Management Interface
CSCwa03275	BGP routes shows unresolved and dropping packet with asp-drop reason "No route to host"
CSCvz73709	ASA/FTD Standby unit fails to join HA
CSCvz21886	Twice nat's un-nat not happening if nat matches a pbr acl that matches a port number instead of IP
CSCvy63464	FTD 1100/ 2100 series reboots with clock set to 2033
CSCvz19634	FTD software upgrade may fail at 200_pre/505_revert_prep.sh
CSCwa94894	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-4-9608'
CSCvx89451	ISA3000 shutdown command reboots system and does not shut system down.
CSCwa61218	Polling OID "1.3.6.1.4.1.9.9.171.1.3.2.1.2" gives negative index value of the associated tunnel
CSCvy02247	Cisco Firepower System Software Rule Editor Non-impactful Buffer Overflow Vulnerability
CSCvy99348	Shutdown command reboots instead of shutting the FP1k device down.
CSCvz71825	MAC algorithms on Firepower 2K devices are not correct for CC and UCAPL mode
CSCwa18858	ASA drops non DNS traffic with reason "label length 164 bytes exceeds protocol limit of 63 bytes"
CSCvz54471	ASA:Failed ASA in HA pair not recovering by itself, after an "HA state progression failed"
CSCvs27336	Traceback on ASA by Smart Call Home process
CSCwa67209	FMC may disable autonegotiation for port-channels with 1Gbps SFP fiber members after FTD upgrade
CSCwb33334	ASA: crash after sending some traffic over RAVPN tunnel
CSCwa75077	Time-range objects incorrectly populated in prefilter rules
CSCwa40237	Cisco Firepower Management Center File Upload Security Bypass Vulnerability
CSCvz94153	NTP sync on IPV6 will fail if the IPV4 address is not configured
CSCwa55562	Different CG-NAT port-block allocated for same source IP causing per-host PAT port block exhaustion
CSCvz31880	ASA Crashing with 'Unicorn Proxy Thread cpu: 9 watchdog_cycles' after stopping scaled stress test.
CSCwb20940	FMC: Add validation checks for the combination of SSL/Snort3/NAP in Detection mode
CSCwa77073	SNMP is responding to snmpgetbulk with unexpected order of results
CSCwa11088	Access rule-ordering gets automatically changed while trying to edit it before page refresh/load
CSCvz43414	Internal ldap attribute mappings fail after HA failover
CSCvz46879	Fine tune mojo_server configuration on Sourcefire modules
CSCvy90821	Autocomplete for "debug snmp ?" not working on ASA

Resolved Bugs in Version 7.0.1.1

Table last updated: 2022-02-17

Table 12. Resolved Bugs in Version 7.0.1.1
Bug ID	Headline
CSCwa46963	Security: CVE-2021-44228 -> Log4j 2 Vulnerability
CSCwa70008	Expired certs cause Security Intel. and malware file preclassification signature updates to fail
CSCwa88571	Unable to register FMC with the Smart Portal

Resolved Bugs in Version 7.0.1

Table last updated: 2021-10-07

Table 13. Resolved Bugs in Version 7.0.1
Bug ID	Headline
CSCum03297	ENH: ASA should save the timestamp of the MAXHOG in 'show proc cpu-hog'
CSCvf89237	Evaluate unicorn expat for CVE-2017-9233
CSCvg66052	2 CPU Cores continuously spike on firepower appliances
CSCvr11958	AWS FTD: Deployment failure with ERROR: failed to set interface to promiscuous mode
CSCvs50538	Firewall engine should fall back on info from SSL handshake if SSL engine is not returning a verdict
CSCvt62869	SPLIT-BRAIN: Pre allocation of blocks for failover control messages
CSCvv21602	cfprApSmMonitorTable is missing in the FP2K MIB
CSCvv36788	MsgLayer[PID]: Error : Msglyr::ZMQWrapper::registerSender() : Failed to bind ZeroMQ Socket
CSCvv43190	Crypto engine errors when GRE header protocol field doesn't match protocol field in inner ip header
CSCvv48942	Snmpwalk showing traffic counter as 0 for failover interface
CSCvv59676	Snort2: Implement aggressive pruning for certificate cache for TLS to free up memory
CSCvv71097	traceback: ASA reloaded snp_fdb_destroy_fh_callback+104
CSCvv89715	Fastpath rules for 8000 series stack disappear randomly from the FMC
CSCvw46630	FTD: NLP path dropping return ICMP destination unreachable messages
CSCvw62526	ASA traceback and reload on engineering ASA build - 9.12.3.237
CSCvw71405	FPR1120 running ASA traceback and reload in crypto process.
CSCvx11917	FTD active unit might drop interface failover messages with host-move-pkt drop reason
CSCvx20872	ASA/FTD Traceback and reload due to netflow refresh timer
CSCvx21050	Snort3 UDP performance down up to 40% relative to snort2 and Correct CPU utilisation meaningful
CSCvx23833	IKEv2 rekey - Invalid SPI for ESP packet using new SPI received right after Create_Child_SA response
CSCvx26308	ASA traceback and reload due to strcpy_s: source string too long for dest
CSCvx26927	TLS site not loading when it has segmented and retransmitted CH
CSCvx38124	Core-local block alloc failure on cores where CP is pinned leading to drops
CSCvx48490	SSL Decrypted https flow EOF events showing 'Initiator/Responder' Packets as 0
CSCvx50980	ASA CP CPU wrong calculation leads to high percentage (100% CP CPU)
CSCvx51123	FMC UI ERROR : An error occurred saving domain
CSCvx63788	Edit policy in new window for AC Policy default action IPS policy shows error pop-up
CSCvx65178	SNMP bulkget not working for specific OIDs in firewall mib and device performance degradation
CSCvx66329	FTD Hotfix Cisco_FTD_SSP_FP2K_Hotfix_O installation fails on script 000_start/125_verify_bundle.sh
CSCvx76665	Error messages "Updating Interface Status failed" seen on 2100
CSCvx77768	Traceback and reload due to Umbrella
CSCvx78238	multi context Firepower services on ASA traffic goes to incorrect interfaces
CSCvx79793	Slow file transfer or file upload with SSL policy is applied with Decrypt resign action
CSCvx80830	VPN conn fails from same user if Radius server sends a dACL and vpn-simultaneous-logins is set to 1
CSCvx85922	ASA/FTD may traceback and reload when saving/writitng the configuration to memory
CSCvx87709	FPR 2100 running ASA in HA. Traceback and reload on watchdog during failover
CSCvx90486	In some cases snmpwalk for ifXTable may not return data interfaces
CSCvx91317	A remote code execution issue was discovered in MariaDB 10.2 before 10
CSCvx93254	DHCP relay server "Invalid helper address"
CSCvx94398	Secondary ASA could not get the startup configuration
CSCvx95652	ASAv Azure: Some or all interfaces might stop passing traffic after a certain period of run time
CSCvx95884	High CPU and massive "no buffer" drops during HA bulk sync and during normal conn sync
CSCvx96452	Some HTTP2 TLS traffic ends with TCP RST, not TCP FIN, after complete payload transmission
CSCvx97632	ASA traceback and reload when copying files with long destination filenames using cluster command
CSCvy01482	Realm Sync Results Page Hangs After Upgrade
CSCvy01752	Traceback on FPR 4115 in Thread - Lic HA Cluster
CSCvy03006	improve debugging capability for uauth
CSCvy03907	Creation/Edit of Access Control Policy fails with error 'Rule Name Already Exists'
CSCvy04343	ASA in PLR mode,"license smart reservation" is failing.
CSCvy05966	Snort 2.9.16.3-3033 traceback (FTD 6.6.3)
CSCvy07113	7.0.0-1459 :FTPs traffic(malware file) is not blocked with file policy config,specifi to QP platform
CSCvy07491	ASA traceback when re-configuring access-list
CSCvy09217	HA goes to active-active state due to cipher mismatch
CSCvy09436	DHCP reservation fails to apply reserved address for some devices
CSCvy10583	ASA Traceback and Reload in Thread Name: DATAPATH
CSCvy10789	FTD 2110 ascii characters are disallowed in LDAP password
CSCvy13229	FDM - GUI Inaccessible - tomcat is opening too many file descriptors
CSCvy14721	ssl traffic dropped by FTD while CH packet has a destination port no greater than source port
CSCvy16179	ASA cluster Traceback with Thread Name: Unicorn Admin Handler even when running fix for CSCuz67596
CSCvy17078	Traceback: ASA on FPR 2110 traceback and reload on process Lina
CSCvy17365	REST API Login Page Issue
CSCvy17470	ASA Traceback and reload on the A/S failover pair at IKEv2
CSCvy18138	PIM Register Sent counter does not increase when encapsulated packets with register flag sent to RP
CSCvy19136	Web portal persistent redirects when certificate authentication is used.
CSCvy19453	SFDataCorrelator performance problems involving redundant new host events with only MAC addresses
CSCvy21334	Active tries to send CoA update to Standby in case of "No Switchover"
CSCvy23349	FTD unnecessarily ACKing TCP flows on inline-pair deployment
CSCvy27261	Inconsistencies in Snort2 and Snort3 Events views
CSCvy29815	NTP AES-CMAC input not compatible with IOS-XE
CSCvy30016	"Max cert cache entries" pruning needs to lock the ssl cache
CSCvy30101	snort2 memory usage can grow beyond expected limits when using ssl decryption
CSCvy31096	Host rediscovery in case of snort configuration reload
CSCvy31229	No space left disk space is full on /ngfw
CSCvy31400	FPR1K: Fiber SFP Interfaces down due to speed autonegotiation disabled
CSCvy31521	Add syslog-ng monitor to the FMC
CSCvy32154	Flows are offloaded after disable the offload cli on policy-map
CSCvy32366	After upgrading ASA to 9.15(1)10, ASDM 7.15(1)150 One Time Password (OTP) field does not appear
CSCvy33105	Ambiguous command error is shown for 'show route bgp' or 'show route isis' if DNS lookup is enabled
CSCvy33676	UN-NAT created on FTD once a prior dynamic xlate is created
CSCvy34333	When ASA upgrade fails, version status is desynched between platform and application
CSCvy36694	FTDv 6.7 on Azure is unable to set 1000 speed on GigabitEthernet interfaces
CSCvy37835	ssl replace key only action can cause unbounded detection engine memory usage
CSCvy39191	An internal server error 500 in T-ufin when doing API calls to the FMC
CSCvy39621	ASA/FTD sends continuous Radius Access Requests Even After Max Retry Count is Reached
CSCvy39659	ASA/FTD may traceback and reload in Thread Name 'DATAPATH-15-14815'
CSCvy39791	Lina traceback and core file size is beyond 40G and compression fails.
CSCvy40482	9.14MR3: snmpwalk got failed with [Errno 146] Connection refused error.
CSCvy41157	HA formation failing after restore
CSCvy43447	FTD traceback and reload on Lic TMR Thread on Multi Instance FTD
CSCvy47108	Remote Access IKEv2 VPN session cannot be established because of stuck Uauth entry
CSCvy48159	ASA Traceback & reload on process name lina due to memory header validation
CSCvy48730	ASA/FTD may traceback and reload in Thread Name 'Unicorn Proxy Thread'
CSCvy49732	ASA/FTD may traceback and reload in Thread Name 'ssh'
CSCvy50011	ASA traceback in IKE Daemon process and reload
CSCvy51659	Long OCSP timeout may cause AnyConnect authentication failure
CSCvy51814	Firepower flow-offload stops offloading all existing and new flows
CSCvy52074	ASA/FTD may traceback and reload in Thread Name 'webvpn_task'
CSCvy52924	FTD loses OSPF network statements config for all VRF instances upon reboot
CSCvy53301	HA Configuration fails on FDM with 'Internal error during deployment'
CSCvy53461	RSA keys & Certs get removed post reload on WS-SVC-ASA-SM1-K7 with ASA code 9.12.x
CSCvy53798	memory leak when decrypting flows using x25519 curve
CSCvy55356	CPU hogs less than 10 msec are produced contrary to documentation
CSCvy56395	ASA traceback and reload due to snmp encrypted community string when key config is present
CSCvy58268	Block 80 and 256 exhaustion snapshots are not created
CSCvy60100	SNMP v3 configuration lost after reboot for HA
CSCvy60574	Port dcosAG leak fix CSCvx14602 to KP/WM
CSCvy61008	Time out of sync between Lina and FXOS
CSCvy63949	ASA direct authentication timeouts even if direct authentication traffic is passing through the ASA
CSCvy64492	ASAv adding non-identity L2 entries for own addresses on MAC table and dropping HA hellos
CSCvy64911	Debugs for: SNMP MIB value for crasLocalAddress is not showing the IP address
CSCvy66711	Cisco ASA 9.16.1 and FTD 7.0.0 IPsec Denial of Service Vulnerability
CSCvy67756	Firepower Services HTTPS traffic stops working when matching Do not decrypt rule in SSL policy
CSCvy68859	DB Conn not released with LSP and category filter in Intrusion rules
CSCvy69189	FTD HA stuck in bulk state due to stuck vpnfol_sync/Bulk-sync keytab
CSCvy69787	ASAv on AWS TenGigabit interface is learning 1000mbps instead of 10000Mbps
CSCvy72118	High snort cpu usage while copying navl attribute - ( Fragmented metadata )
CSCvy72321	Packet-tracer adds "after-auto" option to manual/twice NATs when matching it in the NAT Phases
CSCvy72846	ASA accounting reports incorrect Acct-Session-Time
CSCvy73554	ASA: "deny ip any any" entry in crypto ACL prevents IKEv2 remote AnyConnect access connections
CSCvy74781	The standby device is sending the keep alive messages for ssl traffic after the failover
CSCvy74984	ASAv on Azure loses connectivity to Metadata server once default outside route is used
CSCvy79023	Device UI down due to idhttpsd access log file exceeding size and log rotation failure
CSCvy79952	ASA/FTD traceback and reload after downgrade
CSCvy82794	ASA/FTD traceback and reload when negating snmp commands
CSCvy83116	WM standby fails to re-join HA with msg "CD App Sync error is SSP Config Generation Failure"
CSCvy84733	SFR Upgrade 6.7 to 7.0: Syslogs stopped working
CSCvy89440	s2sCryptoMap Configuration Loss
CSCvy89648	ma_ctx files with '.backup' extension seen after applying the workaround for CSCvx29429
CSCvy89658	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 114, seq 13)
CSCvy92990	FTD traceback and reload related to SSL after upgrade to 7.0
CSCvy95554	Unable to download LDAP due to database MERGE failure on group_fsp_reference table
CSCvy96625	Revert 'fix' introduced by CSCvr33428 and CSCvy39659
CSCvy96698	Resolve spurious status actions checking speed values twice in FXOS portmgr
CSCvy96803	FTD traceback and reload in Process Name lina related to SNMP functions
CSCvy99373	ADI Session Processing Delays when resolving adSamAccountName with AD
CSCvz00032	FTD tracebacks and reloads on Thread name Lina
CSCvz00254	FDM 6.7.0 to 7.0.0 Upgrade Failed due to invalid state for site to site VPN during upgrade import
CSCvz00383	FTD lina traceback and reload in thread Name Checkheaps
CSCvz00699	Traceback in webvpn and reload experienced periodically after ASA upgrade
CSCvz05189	FTD reload with Lina traceback during xlate replication in Cluster
CSCvz05197	Event pages do not work in IE 11
CSCvz05468	Multiple SSH host entries in platform settings as first feature enable/deploy will break SSH on LINA
CSCvz05767	FP-1010 HA link goes down or New hosts are not not able to connect to the device
CSCvz06652	snmpd corefiles noticed on SNMP longevity setup
CSCvz06848	FTD/FDM upgrade fails due to snmp-server community validation failure
CSCvz07614	ASA: Orphaned SSH session not allowing us to delete a policy-map from CLI
CSCvz14616	No connection events due to SFDataCor process stuck
CSCvz15529	ASA traceback and reload thread name: Datapath
CSCvz17534	FTD Restore Backup CLI does not restore the VPN configuration
CSCvz20544	ASA/FTD may traceback and reload in loop processing Anyconnect profile
CSCvz21886	Twice nat's un-nat not happening if nat matches a pbr acl that matches a port number instead of IP
CSCvz23157	SNMP agent restarts when show commands are issued
CSCvz25434	ASA/FTD blackholes traffic due to 1550 block depletion when BVI is configured as DHCP client
CSCvz25663	FTD/FDM upgrade error due to snmp-server host community string validation failure
CSCvz26950	[DOC] The Appliance Information Widget missing High Availability information in FMC Documentation
CSCvz29233	ASA: ARP entries from custom context not removed when an interface flap occurs on system context
CSCvz30333	FTD/Lina may traceback when "show capture" command is executed
CSCvz30933	ASA tracebacks and reload when clear configure snmp-server command is issued
CSCvz32386	FTD Deployment error when FMC pushes PFS21 and IKEv1 settings on same crypto map entry
CSCvz34831	If ASA fails to download DACL it will never stop trying
CSCvz35201	Upgrade failure / Stuck on 999_finish/989_update_ngfw_conf_aquila_ssp.sh
CSCvz38361	BGP packets dropped for non directly connected neighbors
CSCvz38811	Deleted files holding disk space under Java process
CSCvz46333	FTD policy deployment failure due to internal socket connection loss
CSCvz66506	Continuous ADI crash is seen on FPR2100 after upgrade to 7.0 registered to FMC HA

Resolved Bugs in Version 7.0.0.1

Table last updated: 2021-07-15

Table 14. Resolved Bugs in Version 7.0.0.1
Bug ID	Headline
CSCvy66711	Cisco ASA 9.16.1 and FTD 7.0.0 IPsec Denial of Service Vulnerability

Resolved Bugs in Version 7.0.0

Table last updated: 2021-05-25

Table 15. Resolved Bugs in Version 7.0.0
Bug ID	Headline
CSCvi96835	No validation err when changing host thats part of a group object used in a routing policy, to Range
CSCvk22190	No connection/intrusion events received on FMC following time synchronisation issues
CSCvm69294	Standby FMC sending Flood of SNMP traps
CSCvm99989	SNMP OID for SystemUpTime show incorrect value
CSCvo57004	Analyze Hit Counts displaying timestamps in UTC instead of the configured user time zone.
CSCvp54996	GNU Wget Buffer Overflow Vulnerability
CSCvp58886	Special characters in Location for SNMP FXOS (FPR2100) causes policy deployment failure
CSCvq55919	Cisco Firepower Management Center Software Stored Cross-Site Scripting Vulnerability
CSCvq89604	Cisco_Firepower_Mgmt_Center_Patch_Uninstaller-6.4.0.3-29.sh.REL.tar fails to run
CSCvr03127	Apache HTTP Server mod_proxy Cross-Site Scripting Vulnerability
CSCvr13762	NGFWHA Missing EO UUID on FMC
CSCvr46901	Analysis Connection Events doesn't show and report all the events in UI
CSCvr74896	Cannot update Security intelligence when AC Policy is imported to FMC with cloud feeds disabled
CSCvs02229	Network Time Protocol Authenticated Mode 6 Packet Processing NULL Poin
CSCvs05066	Snort file mempool corruption leads to performance degradation and process failure.
CSCvs06043	TunnelClient for CSM_CCMservice on ngfwManager not reading ACK sent from CSM_CCM service on FMC
CSCvs71034	Beaker registration fails with error 400 : Bad Request.
CSCvs71969	Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
CSCvs74802	AnyConnect/S2S IKEv2 crypto policy occasionally not deployed to device
CSCvs79606	"dns server-group DefaultDNS" cli not getting negated
CSCvs84242	FMC Deployment Failure when removing Auto NAT and correlated network object
CSCvt29771	invalid Response message when we change the security zone from the object management page
CSCvt31292	FTD device might not send events to SSE
CSCvt43136	Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
CSCvt49334	On the 4120 sensor, the task delete is not removing the "task_xx" files from the cron.d directory
CSCvt74194	Error getting unified2 record: Corrupt file
CSCvt74893	FMCv Ethernet driver indicates vmxnet3 TCP performance compromised
CSCvt91258	FDM: None of the NTP Servers can be reached - Using Data interfaces as Management Gateway
CSCvt93177	Disable Full Proxy to Light Weight Proxy by Default. (FP2LWP) on FTD Devices
CSCvt93999	FMC shouldn't allow a second upgrade on same device if upgrade is going on
CSCvu12608	ASA5506/5508/5516 devices not booting up properly / Boot loop
CSCvu18510	MonetDB's eventdb crash causes loss of connection events on FMC 6.6.0 and 6.6.1
CSCvu21953	FMC 6.4.0 is randomly sending "strong-encryption-disable" to FTD
CSCvu22293	FMC scheduled backup of multiple managed devices with remote storage fails
CSCvu29508	FMC manual removal and addition of FTD Cluster member causes dangling stale interfaces
CSCvu30756	User Identity does not correctly handle identical sessions in different netmaps
CSCvu34228	FTD LINA traceback & reload while processing snort return verdict
CSCvu35704	APIKEY mismatch among the FMC, Sensor and ThreatGrid results significant file submission drop
CSCvu44472	FMC System processes are starting
CSCvu54706	Cisco Firepower Management Center CWE-772 - Slow HTTP POST vulnerability
CSCvu75855	stunnel process enabled on managed device when it should not be
CSCvu77689	FTP to FileZilla miscategorized as SMTP
CSCvu88005	FMC REST API user permission for GET taskstatus
CSCvu88886	Threat data deployment to managed FTD may fail after upgrade.
CSCvv00155	Deleting interface or sub-interface should also delete failover MAC address configuration
CSCvv08244	Firepower module may block trusted HTTPS connections matching 'Do not decrypt' SSL decryption rule
CSCvv12491	cloudagent_urllookup_health file still had old format after upgrading to 6.4
CSCvv14109	new FMC restored from backup file doesn't send down user ip and user group mappings to devices
CSCvv14442	FMC backup restore fails if it contains files/directories with future timestamps
CSCvv17893	Bad uip snapshot and log file causes FTD to repeatedly requests catchup, and exhausts file handlers
CSCvv20780	Policy deploy fails with "Failed to hold the deployment transaction" error
CSCvv21782	6.6.1: Prefilter Policy value shown as Invalid ID for all the traffic in ASA SFR Platform
CSCvv27084	EventHandler syslog via loggerd does not support destination host names
CSCvv27867	FMC classic theme - No scrollbar in object details for group with multiple items
CSCvv29275	FMC OSPF area limits until 49 entries. Upon adding 50th entry, process gets disabled automatically
CSCvv34523	The firewall_target_cache table is not pruned as expected which leads to large database size
CSCvv34851	6.7.0-1992: duplicate connection events with empty SSL info in one of them
CSCvv36915	"Show NTP" command does not work on multi-instance FTD
CSCvv38869	FMC fails to upgrade FTD from 6.3 to 6.7 due to database error
CSCvv40961	http-proxy setting causing upgrade failure
CSCvv43771	Unable to select multiple devices for scheduled backups
CSCvv45106	CSD does not start on 2100 due to missing csd-service.json file
CSCvv46490	Policy Deployment Failure on FMC due to ERROR in SnortAttribConfig
CSCvv50298	FTD management interface to be vulnerable to TLS poodle attack- CVE-2014-3566
CSCvv53042	DBCheck.pl output includes fatal errors that cause upgrade attempt to fail
CSCvv55066	FPR1010: Internal-Data0/0 and data interfaces are flapping during SMB file transfer
CSCvv56644	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web DoS
CSCvv57476	CSS Styles loading issue in Chrome 85, IE and Edge browsers
CSCvv59036	Static routes deleted from the FMC without user deleting it.
CSCvv60849	Memory cgroup limits should be adjusted to avoid Snort D-state
CSCvv62931	FTD does not send Server Hello & Server Certificate to the client when src.port==dst.port
CSCvv68000	bravado error when getting ra vpn group policy created by FDM UI
CSCvv68078	sybase database corrupted on secondary FMC and was not able to sync
CSCvv69862	FMC backup failed error with "Terminating long running backup" after 45 min FTDHA in leaf
CSCvv70096	Snort 2: Memory Leak in SSL Decrypt & Resign Processing
CSCvv70683	No New Notification in Task tab.
CSCvv73054	Snort libs are deleted during deployment
CSCvv74658	FTD/ASA creates coredump file with "!" character in filename (zmq changes (fxos) for CSCvv40406 )
CSCvv74795	syslog-ng has extra instances running on ASA5525-X
CSCvv74816	FDM should not allow removal of local address pool while NAT exemption is in place.
CSCvv74951	Disable memory cgroups when running the system upgrade scripts
CSCvv75148	Rabbitmq queue of VPN Events does not have any size limit to avoid accumulating *.idx files
CSCvv76581	Cisco Firepower product line Evaluation of Racoon attack CVE-2020-1968
CSCvv79459	WR6, WR8 and LTS18 commit id update in CCM layer (sprint 94, seq 1)
CSCvv79897	Block "sensor restart" command for FTD units to prevent Lina crash and system reboot event
CSCvv83841	upgrade - Not enough root disk space available in 600_schema/100_update_database.sh
CSCvv84172	Dangling ref in Clustered_table and EO upon failed registration
CSCvv84385	Disk Manager incorrectly prunes unified files used by FMC e-streamer
CSCvv89715	Fastpath rules for 8000 series stack disappear randomly from the FMC
CSCvv90079	No router BGP pushed after making chnages on 9300 intra chassis cluster
CSCvv92897	System might hit previously missing memcap limits on upgrade to version 6.6.0
CSCvv94165	FTD 6.6 : High CPU spikes on snmpd process
CSCvv97527	asa config timeout command breaks snort's DAQ configuration
CSCvv97902	Deployment purge doesn't happen due to deployment_info missing at policy_deployment.db
CSCvw03256	FMC dashboard shows "No Data" for intrusion table when 'Message' Field is Selected
CSCvw04171	For Readonly User, Device Summary tab is returning forbidden error page
CSCvw07352	SFDataCorrelator log spam, metadata fails after Sybase connection status 0
CSCvw10877	/var/sf/user_identity should not bring the archive with it in a troubleshoot
CSCvw13395	FMC 6.6.0 "Reset Connection Upon Timeout" Checkbox missing in Light Theme of UI
CSCvw16565	Policy Deployment fails after enabling "SMB Auto-Detect Ports" in DCE/RPC Configuration.
CSCvw21145	Duplicate NAT rule error when saving the policy (caused by duplicate Auto NAT rules)
CSCvw21161	Duplicate NAT rule error when saving the policy (different rules are detected as duplicates)
CSCvw21628	Upgrade from pre-6.6.x to 6.6.x and above breaks Intrusion Event Packet-Drill down
CSCvw27966	Policy deployment fails with object names starts with 'any'
CSCvw28894	SFDataCorrelator slow startup and vuln remap due to duplicate entries in vuln tables
CSCvw28946	When deploying VxLan config the command mtu is sent out of order causing deployment failures
CSCvw29561	FMC SLR license 'shows continuous Smart agent communication with Smart Licensing Cloud' alert
CSCvw29563	repair_users.pl script no longer works
CSCvw29581	VDB upgrade doesn't work when mysql user table is damaged.
CSCvw30252	ASA/FTD may traceback and reload due to memory corruption in SNMP
CSCvw33939	FMC Deployment failure due to VPN split-tunnel standard ACL with Network Group containing IPv6object
CSCvw34692	Not possible to change after the first time the TTL Hops for BGP neighbor
CSCvw38708	AC policy save, validateActivity not using cache for building blocks
CSCvw38870	FMC upgrade failure to 6.6.0, 6.6.1, 6.6.3, or 6.7.0 at 800_post/1027_ldap_external_auth_fix.pl
CSCvw41901	Deleting System Defined objects via FMC's REST API returns HTTP 500 error code.
CSCvw42497	Error during policy validation while navigating through AC policy
CSCvw45125	Block deployment while secondary nodes are in config or bulk sync
CSCvw47943	Optimization of the query for scan results in Firepower Recommendations
CSCvw51307	ASA/FTD traceback and reload in process name "Lina"
CSCvw60177	Standby/Secondary cluster unit might crash in Thread Name: fover_parse and "cluster config sync"
CSCvw79294	sftunnel logging huge number of logs to messages file
CSCvw85377	URL is not updated in the access policy URL filtering rule
CSCvx19934	Deployment gets failed for snmp settings while deleting snmpv1 and adding snmpv3 at a time in 6.6.3
CSCvx20303	ASA/FTD may traceback in after changing snmp host-group object
CSCvx26221	Traceback into snmp at handle_agentx_packet / snmp takes long time to come up on FP1k and 5508
CSCvy08798	WR6, WR8 and LTS18 commit id update in CCM layer(sprint 110, seq 10)

Cisco Firepower Release Notes, Version 7.0.x

Bias-Free Language

Book Title

Cisco Firepower Release Notes, Version 7.0.x

Chapter Title

Bugs

Results

Chapter: Bugs

Bugs

Open Bugs

Open Bugs in Version 7.0.0

Resolved Bugs

Resolved Bugs in Version 7.0.6.3

Resolved Bugs in Version 7.0.6.2

Resolved Bugs in Version 7.0.6.1

Resolved Bugs in Version 7.0.6

Resolved Bugs in Version 7.0.5.1

Resolved Bugs in Version 7.0.5

Resolved Bugs in Version 7.0.4

Resolved Bugs in Version 7.0.3

Resolved Bugs in Version 7.0.2.1

Resolved Bugs in Version 7.0.2

Resolved Bugs in Version 7.0.1.1

Resolved Bugs in Version 7.0.1

Resolved Bugs in Version 7.0.0.1

Resolved Bugs in Version 7.0.0

Was this Document Helpful?

Contact Cisco