Open and Resolved Bugs

This document lists open and resolved bugs for Version 7.1 devices and customer-deployed management centers.

For cloud-delivered Firewall Management Center bugs, see the Cisco Cloud-Delivered Firewall Management Center Release Notes.


Important

Bug lists are auto-generated once and may not be subsequently updated. If updated, the 'table last updated' date does not mean that the list was fully accurate on that date—only that some change was made. Depending on how and when a bug was categorized or updated in our system, it may not appear in the release notes. We also do not list open bugs for maintenance releases or patches. If you have a support contract, you can obtain up-to-date bug lists with the Cisco Bug Search Tool.


Open Bugs

Open Bugs in Version 7.1.0

Table last updated: 2022-08-01

Table 1. Open Bugs in Version 7.1.0

Bug ID      Headline
CSCvz38976  7.1/Firepower Threat Defense device occasionally unable to pass large packets/Fragmentation failures
CSCvz83796  Multiple Cisco Products affected by SMBv2 Denial of Service Vulnerability in Snort Rules
CSCvz96487  SSL rules with certfeed conditions can cause unexpected handshake failures
CSCwa23353  Rate filter is shown as an unsupported config when deployed to 7.0.1 FTDv managed by 7.1 FMCv
CSCwa33452  FTD data plane (Lina) cores found on Azure D5 during 7.1.0/7.2.0 regression

Resolved Bugs

Resolved Bugs in Version 7.1.0.3

Table last updated: 2023-03-15

Table 2. Resolved Bugs in Version 7.1.0.3

Bug ID      Headline
CSCvp15884  FMC SI Health Alerts: SI URL List and Feeds - Failure False Positives
CSCvq29993  FPR2100 ONLY - PERMANENT block leak of size 9472 and 1550 memory blocks & blackholes traffic
CSCvw56551  ASA displays cosmetic NAT warning message when making the interface config changes
CSCvw62288  ASA: 256 byte block depletion when syslog rate is high
CSCvx68173  Observed few snort instances stuck at 100%
CSCvx68586  Not able to login to UI/SSH on FMC, console login doesn't prompt for password
CSCvx97053  Unable to configure ipv6 address/prefix to same interface and network in different context
CSCvy04430  Management Sessions fail to connect after several weeks
CSCvy24180  Default variable set missing on FMC
CSCvy38650  Unable to download captured file from FMC Captured files UI
CSCvy40401  L2L VPN session bringup fails when using NULL encryption in ipsec configuration
CSCvy43002  Observed crash while running SNMPWalk + S2S-IKEv2 and AnyConnect TVM Profiles
CSCvy67765  FTD VTI reports TUNNEL_SRC_IS_UP false despite source interface is up/up and working
CSCvy72841  Firepower 1K FTD sends LLDP packets with internal MAC address of eth2 interface
CSCvy73130  FP4100 platform: Active-Standby changed to dual Active after running "show conn" command
CSCvy75131  Occasionally deleted sensor/interfaces are not removed from security zones
CSCvy99348  Shutdown command reboots instead of shutting the FP1k device down.
CSCvz03524  PKI "OCSP revocation check" failing due to sha256 request instead of sha1
CSCvz05541  ASA55XX: Expansion module interfaces not coming up after a software upgrade
CSCvz09106  Cisco ASA and FTD Software SSL VPN Denial of Service Vulnerability
CSCvz13143  FMC GUI is not accessible. MariaDB getting restarted since configured memory threshold is exceeded
CSCvz40765  FMC CPU graph displays the wrong number of Snort and System cores
CSCvz44645  FTD may traceback and reload in Thread Name 'lina'
CSCvz60142  ASA/FTD stops serving SSL connections
CSCvz60578  Cluster unit in MASTER_POST_CONFIG state does not notify cluster if moved to DISABLED
CSCvz61463  FP9k SM-44 High CPU on radware vdp Cores after upgrade
CSCvz61689  Port-channel member interfaces are lost and status is down after software upgrade
CSCvz68336  SSL decryption not working due to single connection on multiple in-line pairs
CSCvz69699  FMC UI may become inaccessible due to connection leaks in internal database
CSCvz70958  High Control Plane CPU due to dhcpp_add_ipl_stby
CSCvz72771  ASA/FTD may traceback and reload. "c_assert_cond_terminate" in stack trace
CSCvz76746  While implementing management tunnel a user can use open connect to bypass anyconnect.
CSCvz77050  Occasionally policy deployment failure are reported as successful
CSCvz81888  NTP will not change to *(synced) status after upgrade to asa-9.15.1/9.16.1.28 from asa-9.14.3
CSCvz83432  WR6, WR8 and LTS18 commit id update in CCM layer(sprint 121, seq 18)
CSCvz84733  LACP packets through inline-set are silently dropped
CSCvz86256  Primary ASA should send GARP as soon as split-brain is detected and peer becomes cold standby
CSCvz88149  Lina traceback and reload during block free causing FTD boot loop
CSCvz89126  ASDM session/quota count mismatch in ASA when multiple context switchover is done from ASDM
CSCvz89327  OSPFv2 flow missing cluster centralized "c" flag
CSCvz90375  Low available DMA memory on ASA 9.14 at boot reduces AnyConnect sessions supported
CSCvz91218  Statelink hello messages dropped on Standby unit due to interface ring drops on high rate traffic
CSCvz92016  Cisco ASA and FTD Software Web Services Interface Privilege Escalation Vulnerability
CSCvz92932  ASA show tech execution causing spike on CPU and impacting to IKEv2 sessions
CSCvz94153  NTP sync on IPV6 will fail if the IPV4 address is not configured
CSCvz95108  FTD Deployment failure post upgrade due to major version change on device
CSCvz95949  FP1120 9.14.3 : temporary split brain happened after active device reboot
CSCvz98540  Cisco ASA and FTD Software SSL/TLS Client Denial of Service Vulnerability
CSCvz99222  Clear and show conn for inline-set is not working
CSCwa00038  Disk corruption occurs when /mnt/disk0 partition is full and blade is rebooted
CSCwa02929  FTD Blocks Traffic with SSL Flow Error CORRUPT_MESSAGE
CSCwa03732  Deployment gets hung at snapshot generation phase during deploy or causes deploy slowness
CSCwa05385  WR6, WR8 and LTS18 commit id update in CCM layer(sprint 124, seq 19)
CSCwa06608  WM 1010 HA Failover is not successful when we give failover active in secondary.
CSCwa07390  Config only FMC: SI feed downloaded file does not match expected checksum
CSCwa08262  AnyConnect users with mapped group-policies take attributes from default GP under the tunnel-group
CSCwa11052  SNMP Stopped Responding After Upgrading to Version- 9.14(2)15
CSCwa11079  Pre allocate sub context for DRBG health test
CSCwa13873  ASA Failover Split Brain caused by delay on state transition after "failover active" command run
CSCwa14725  ASA/FTD traceback and reload on IKE Daemon Thread
CSCwa15185  ASA/FTD: remove unwanted process call from LUA
CSCwa18858  ASA drops non DNS traffic with reason "label length 164 bytes exceeds protocol limit of 63 bytes"
CSCwa18889  Clock drift observed between Lina and FXOS on multi-instance
CSCwa19443  Flow Offload - Compare state values remains in error state for longer periods
CSCwa19713  Traffic dropped by ASA configured with BVI interfaces due to asp drop type "no-adjacency"
CSCwa20758  WR6, WR8 and LTS18 commit id update in CCM layer(sprint 124, seq 20)
CSCwa21061  FTD upgrade fails on 800_post/100_ftd_onbox_data_import.sh
CSCwa26038  ICMP inspection causes packet drops that are not logged appropriately
CSCwa26310  ASA/FTD may traceback during config read or failover sync due to certain SNMP-Server commands
CSCwa28822  FTD moving UI management from FDM to FMC causes traffic to fail
CSCwa28895  FTD SSL Decryption Traffic Latency | SSL Proxy to allow configurable/dynamic maximum TCP window size
CSCwa29956  "Interface configuration has changed on device" message may be shown after FTD upgrade
CSCwa30114  "Error:NAT unable to reserve ports" when using a range of ports in an object service
CSCwa31508  Continuous deployment failure on QW-4145 device
CSCwa32286  WR6, WR8 and LTS18 commit id update in CCM layer (sprint 125, seq 21)
CSCwa32367  Creation of dedicated CRITICAL cgroup for tackling MIO HeartBeat failure issue
CSCwa32527  7.1 to 7.2 upgrade crash if SNMP configured on ngfw-management interface
CSCwa32628  SFDataCorrelator crash at AddFileToPendingHash() due to race condition
CSCwa33248  Auto LSP update not getting triggered, missing Talos registration (beakerd)
CSCwa34287  ASA: Loss of NTP sync following a reload after upgrade
CSCwa35200  Some syslogs for AnyConnect SSL are generated in admin context instead of user context
CSCwa36661  Traffic is not hitting on some egress interfaces of user vrf due to routes missing in asp table
CSCwa36672  ASA on FPR4100 traceback and reload when running captures using ASDM
CSCwa36678  Random FTD reloads with the traceback during deployment from FMC
CSCwa38277  ASA NAT66 with big range as a pool don't works with IPv6
CSCwa38996  Big number of repetitive messages in snmpd.log leading to huge log size
CSCwa39680  Snort stops processing packets when SSL decryption debug enabled - Snort2
CSCwa40719  Traceback: Secondary firewall reloading in Threadname: fover_parse
CSCwa41834  ASA/FTD traceback and reload due to pix_startup_thread
CSCwa41918  ssl inspection may have unexpected behavior when evicting certificates
CSCwa41936  Cisco FTD Bleichenbacher Attack Vulnerability
CSCwa42350  ASA installation/upgrade fails due to internal error "Available resources not updated by module"
CSCwa42594  ASA: IP Header check validation failure when GTP Header have SEQ and EXT field
CSCwa42596  ASA with SNMPv3 configuration observes unexpected reloads with snmpd cores
CSCwa43311  Snort blocking and dropping packet, with bigger size(1G) file download
CSCwa43497  Datapath deadlocks seen on when sending ICMP PMTU for AnyConnect-SSL
CSCwa45656  SLR license application fails on managed devices
CSCwa46905  WM 1010 speed/duplex setting is not getting effect and causes unstable interface
CSCwa47041  Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DAP DoS
CSCwa48849  ssl unexpected behavior with resumed sessions
CSCwa53489  Lina Traceback and Reload Due to invalid memory access while accessing Hash Table
CSCwa54045  Memory leaks in SAML native browser processing
CSCwa55404  Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass and DoS Vulnerability
CSCwa55562  Different CG-NAT port-block allocated for same source IP causing per-host PAT port block exhaustion
CSCwa55868  QP vFTD Policy Deployment with snort2 Failed with Undefined package variable
CSCwa55878  FTD Service Module Failure: False alarm of "ND may have gone down"
CSCwa56449  ASA traceback in HTTP cli EXEC code
CSCwa56975  DHCP Offer not seen on control plane
CSCwa57115  New access-list are not taking effect after removing non-existance ACL with objects.
CSCwa58686  ASA/FTD Change in OGS compilation behavior causing boot loop
CSCwa61361  ASAv traceback when SD_WAN ACL enabled, then disabled (or vice-versa) in PBR
CSCwa62025  IPv6: Some of egress interfaces of global and user vrf routes are missing in asp table
CSCwa64739  Cisco Firepower Management Center Software Cross-Site Scripting Vulnerability
CSCwa65389  ASA traceback and reload in Unicorn Admin Handler when change interface configuration via ASDM
CSCwa65681  TPK/KP/WM-RM: Assign FXOS interface MAC address to LLDP linux interfaces
CSCwa67209  FMC may disable autonegotiation for port-channels with 1Gbps SFP fiber members after FTD upgrade
CSCwa68552  All type-8 passwords are lost upon upgrade from ASA 9.12-9.15 to 9.16, failover gets disabled
CSCwa68660  FTP inspection stops working properly after upgrading the ASA to 9.12.4.x
CSCwa68805  FTD Traceback & reload during HA creation
CSCwa69303  ASA running on SSP platform generate critical error "[FSM:FAILED]: sam:dme:MgmtIfSwMgmtOobIfConfig"
CSCwa72530  FTD: Time gap/mismatch seen when new node joins a Cluster Control node under history
CSCwa73172  ASA reload and traceback in Thread Name: PIX Garbage Collector
CSCwa74900  Traceback and reload after enabling debug webvpn cifs 255
CSCwa75204  SNORT3 Certsize 16k traffic failing on 2100 with all SSL rules
CSCwa76564  ASDM session/quota count mismatch in ASA when multiple context switch before and after failover
CSCwa76822  Tune throttling flow control on syslog-ng destinations
CSCwa77073  SNMP is responding to snmpgetbulk with unexpected order of results
CSCwa77777  Adding more logs to watchdog infra
CSCwa79494  Traffic keep failing on Hub when IPSec tunnel from Spoke flaps
CSCwa79676  FPR1010 in HA Printing Broadcast Storm Alerts for Multiple Interfaces
CSCwa79980  SNMP get command in FPR does not show interface index.
CSCwa80040  FMC NFS configuration failling after upgrade from 6.4.0.4 to 7.0.1
CSCwa81795  Cisco ASA and FTD Software VPN Authorization Bypass Vulnerability
CSCwa83078  snort3 - resumed sessions not being decrypted can fail
CSCwa85043  Traceback: ASA/FTD may traceback and reload in Thread Name 'Logger'
CSCwa85138  Multiple issues with transactional commit diagnostics
CSCwa85492  URL lookup responding with two categories
CSCwa85709  Cisco Firepower Management Center Information Disclosure Vulnerability
CSCwa87315  ASA/FTD may traceback and reload in Thread Name 'IP Address Assign'
CSCwa87597  ASA/FTD Failover: Joining Standby reboots when receiving configuration replication from Active mate
CSCwa88571  Unable to register FMC with the Smart Portal
CSCwa89243  SNMP no longer responds to polls after upgrade to 9.15.1.17
CSCwa89689  Server hello done on TLS stripped by FTD after enabling 'early application detection' with snort3
CSCwa90615  WR8 and LTS18 commit id update in CCM layer (seq 24)
CSCwa90735  FTD/FXOS - ASAconsole.log files fail to rotate causing excessive disk space used in /ngfw
CSCwa91070  Cgroup triggering oom-k for backup process
CSCwa91090  SSL handshake logging showing unknown session during AnyConnect TLSv1.2 Session establishment
CSCwa93499  Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability
CSCwa94894  ASA/FTD may traceback and reload in Thread Name 'DATAPATH-4-9608'
CSCwa95079  ASA/FTD Traceback and reload due to NAT configuration
CSCwa95694  Snort cores generated intermittently when SSL policy is enabled on the ASA-SFR module
CSCwa96759  Lina may traceback and reload on tcpmod_proxy_handle_mixed_mode
CSCwa97784  ASA: Jumbo sized packets are not fragmented over the L2TP tunnel
CSCwa98684  Console has an excessive rate of warnings during policy deployment
CSCwa98853  Error F0854 FDM Keyring's RSA modulus is invalid
CSCwa99171  Chassis and application sets the time to Jan 1, 2010 after reboot
CSCwa99931  ASA/FTD: Tuning of update_mem_reference process
CSCwb00595  Mempool_DMA allocation issue / memory leakage
CSCwb01126  DNS server configuration is lost if configuring through RA VPN page on FDM 7.1.0
CSCwb01633  FXOS misses logs to diagnose root cause of module show-tech file generation failure
CSCwb01700  ASA: SSH and ASDM sessions stuck in CLOSE_WAIT causing lack of MGMT for the ASA
CSCwb01919  FP2140 ASA 9.16.2 HA units traceback and reload at lua_getinfo (getfuncname)
CSCwb01976  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb01983  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb01990  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb01995  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02006  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02018  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02020  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02026  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb02060  snmp-group host with Invalid host range and subnet causing traceback and reload
CSCwb02316  "Non stop forwarding not supported on '1'" error while configuring MAC address
CSCwb04975  FTD Snort3 traceback in daq-pdts while handling FQDN based traffic
CSCwb05148  Cisco ASA Software and FTD Software SNMP Denial of Service Vulnerability
CSCwb05291  Cisco ASDM and ASA Software Client-side Arbitrary Code Execution Vulnerability
CSCwb06273  Continuous memory leak in the process hmlsd (SF::Messaging::smartSend)
CSCwb06543  Increase logging level to diagnose LACP process unexpected restart events
CSCwb06847  ASA/FTD may traceback and reload in Thread Name 'DATAPATH-9-11543'
CSCwb07319  Entitlement tags contain invalid character.
CSCwb07908  Standby FTD/ASA sends DNS queries with source IP of 0.0.0.0
CSCwb07981  Traceback: Standby FTD reboots and generates crashinfo and lina core on thread name cli_xml_server
CSCwb08393  SSL policy deploy failing when using special characters on SSL rule names
CSCwb08773  FPR2130 LED is off when power supply module 1 is back
CSCwb11939  ASA/FTD MAC modification is seen in handling fragmented packets with INSPECT on
CSCwb12465  FIPS self-tests must be run when CC mode is enabled - files are missing
CSCwb13294  WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 25)
CSCwb15170  RM 1120 Port state going down, speed is 100/10 and duplex full/Half, speed and duplexmismatchpresent
CSCwb16561  FMC GUI does not load Intrusion Policies
CSCwb16920  CPU profile cannot be reactivated even if previously active memory tracking is disabled
CSCwb17187  SNMP cores are generated every minute while running snmpwalk on HA
CSCwb18252  FTD/ASA: Traceback on BFD function causing unexpected reboot
CSCwb19387  ASA SNMP Poll is failing & show display "Unable to honour this request now.Please try again later."
CSCwb19648  SNMP queries for crasLocalAddress are not returning the assigned IPs for SSL/DTLS tunnels.
CSCwb20940  FMC: Add validation checks for the combination of SSL/Snort3/NAP in Detection mode
CSCwb21704  FDM: Add validation checks for the combination of SSL/Snort3/NAP in Detection mode
CSCwb22359  Portmanager/LACP improvement to avoid false restarts and increase of logging events
CSCwb23029  Cisco Firepower Management Center Software Command Injection Vulnerability
CSCwb23048  Cisco Firepower Management Center Software Command Injection Vulnerability
CSCwb24039  ASA traceback and reload on routing
CSCwb25809  Single Pass - Traceback due to stale ifc
CSCwb31699  Primary takes active role after reload
CSCwb32841  NAT (any,any) statements in-states the failover interface and resulting on Split Brain events
CSCwb33184  Memory leak in MessageService causes UI slowness
CSCwb33334  ASA: crash after sending some traffic over RAVPN tunnel
CSCwb34035  ASA CLI gets hung randomly while configuring SNMP
CSCwb35675  Snort3 is partially in sync with Snort 2 warning alert
CSCwb36256  Increase size of System cgroup so that more of available memory will be used
CSCwb37077  “show access-control-config” for DNS Reputation Enforcement does not work.
CSCwb37999  Customized Variables name cause Snort3 validation failure
CSCwb38406  GeoDB updates on multi-domain environment requires a manual policy deployment
CSCwb40001  Long delays when executing SNMP commands
CSCwb41361  WR8, LTS18 and LTS21 commit id update in CCM layer (seq 26)
CSCwb41854  Cisco FTD Software and Cisco FXOS Software Command Injection Vulnerability
CSCwb42846  Snort instance CPU stuck at 100%
CSCwb43018  Implement SNP API to check ifc and ip belongs to HA LU or CMD interface
CSCwb43629  License and rule counts telemetry data incorrectly generated for HA managed devices
CSCwb46949  LTS18 commit id update in CCM layer (seq 27)
CSCwb50405  ASA/FTD Traceback in crypto hash function
CSCwb51707  ASA Traceback and reload in process name: lina
CSCwb52401  Cisco Firepower Threat Defense Software Privilege Escalation Vulnerability
CSCwb53172  FTD: IKEv2 tunnels flaps every 24 hours and crypto archives are generated
CSCwb53191  Certificate validation fails post upgrade to 9.17.1
CSCwb53328  ASA/FTD Traceback and reload caused by Smart Call Home process sch_dispatch_to_url
CSCwb53694  Cisco Firepower Management Center Software XML External Entity Injection Vulnerability
CSCwb57615  Configuring pbr access-list with line number failed.
CSCwb58007  CVE-2022-28199: Evaluation for FTDv and ASAv
CSCwb59465  ASA/FTD may traceback (watchdog) and reload when generating a syslog from the VPN Failover subsystem
CSCwb59488  ASA/FTD Traceback in memory allocation failed
CSCwb59619  PM needs to restart the Disk Manager after creating ramdisk to make DM aware of the ramdisk
CSCwb61901  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb61908  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb61919  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb65718  FMC is stuck on loading SI objects page
CSCwb66736  Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass and DoS Vulnerability
CSCwb66761  Cisco Firepower Threat Defense Software Generic Routing Encapsulation DoS Vulnerability
CSCwb67040  FP4112|4115 Traceback & reload on Thread Name: netfs_thread_init
CSCwb68642  ASA traceback in Thread Name: SXP CORE
CSCwb71460  ASA traceback in Thread Name: fover_parse and triggered by snmp related functions
CSCwb74357  FXOS is not rotating log files for partition opt_cisco_platform_logs
CSCwb74571  PBR not working on ASA routed mode with zone-members
CSCwb76129  Some SSL patterns not detected after VDB 356 or higher is installed
CSCwb80108  FP2100/FP1000: Built-in RJ45 ports randomly not coming up after portmanager restart events
CSCwb80192  WR6, WR8 commit id update in CCM layer(Seq 30)
CSCwb82796  ASA/FTD firewall may traceback and reload when tearing down IKE tunnels
CSCwb84638  Portmanager/LACP improvement to capture logging events on external event restarts
CSCwb85822  Deployment failing when collecting policies.
CSCwb86118  TPK ASA: Device might get stuck on ftp copy to disk
CSCwb87762  Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass and DoS Vulnerability
CSCwb87950  Cisco ASA Software and FTD Software Web Services Interface Denial of Service Vulnerability
CSCwb88587  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwb88651  Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwb89004  FMC DBcheck.pl hungs at "Checking mysql.rna_flow_stats_template against the current schema"
CSCwb89187  Flex Config allow - "timeout icmp-error hh:mm:ss"
CSCwb89963  ASA Traceback & reload in thread name: Datapath
CSCwb94170  merovingian.log file extremly big size can fill the disk
CSCwb95787  FPR1010 - No ARP on switchport VLAN interface after portmanager DIED event
CSCwc02133  Cisco FTD Software and Cisco FXOS Software Command Injection Vulnerability
CSCwc03507  No-buffer drops on Internal Data interfaces despite little evidence of CPU hog
CSCwc06833  Deployment failure with ERROR Process Manager failed to verify LSP ICDB
CSCwc08676  WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 32)
CSCwc08683  The interface's LED remains green blinking when the optical fiber is unplugged on FPR1150
CSCwc10037  Cisco Firepower Management Center Cross-Site Scripting Vulnerability
CSCwc12322  Digitally signed ASDM image verification error on FPR3100 platforms
CSCwc13017  FTD/ASA traceback and reload at at ../inspect/proxy.h:439
CSCwc13382  DCERPC traffic is dropped after upgrade to snort3 due to Parent flow is closed
CSCwc18218  Database files on disk grow larger than expected for some frequently updated tables
CSCwc25207  WR6, WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 33)
CSCwc28334  Cisco ASA and FTD Software RSA Private Key Leak Vulnerability
CSCwc28660  Snort3: NFSv3 mount may fail for traffic through FTD
CSCwc32246  NAT64 translates all IPv6 Address to 0.0.0.0/0 when object subnet 0.0.0.0 0.0.0.0 is used
CSCwc34818  The device is unregistered when Rest API calls script.
CSCwc35969  cannot add IP from event to global lists (block or do-not-block) if similar IP is already on list
CSCwc37061  SNMP: FMC doesn't reply to OID 1.3.6.1.2.1.25.3.3.1.2
CSCwc41590  Upgrade fail & App Instance fail to start with err "CSP_OP_ERROR. CSP signature verification error."
CSCwc41661  High disk usage due to process_stdout.log and process_stderr.log logrotate failure (deleted files)
CSCwc44289  FTD - Traceback and reload when performing IPv4 <> IPv6 NAT translations
CSCwc44608  Selective deployment of IPS may cause outage due to incorrectly written FTD configuration files
CSCwc46569  WR8, LTS18 and LTS21 commit id update in CCM layer (Seq 34)
CSCwc50519  Excessive logging from hm_du.pm may lead to syslog-ng process restarts
CSCwc50887  FTD - Traceback and reload on NAT IPv4<>IPv6 for UDP flow redirected over CCL link
CSCwc50891  MPLS tagging removed by FTD
CSCwc52351  ASA/FTD Cluster Split Brain due to NAT with "any" and Global IP/range matching broadcast IP
CSCwc62384  Vulnerabilities on Cisco FTD Captive Portal on TCP port 885
CSCwc65907  snort3 hangs in Crash handler which can lead to extended outage time during a snort crash
CSCwc82188  FTD Traceback and reload when applying long capture commands from FMC UI
CSCwc83886  To get pre-committed tests passed for https://sp4-fp-swarm.cisco.com/reviews/3058043
CSCwd05814  PDTS write from Daq can fail when PDTS buffer is full eventually leads to block depletion
CSCwd24639  Functional: FMCv patch upgrade is fails
CSCwd49758  Pre-deployment failure seen in FMC due to huge number policies
CSCwd52995  FMC not opening deployment preview window
CSCwd53340  FTD PDTS LINA RX queue can become stuck when snort send messages with 4085-4096 bytes size
CSCwd66815  Lina changes to support - Snort3 traceback in daq-pdts while handling FQDN based traffic
CSCwd74116  S2S Tunnels do not come up due to DH computation failure caused by DSID Leak
CSCwd78123  ASA/FTD traceback and reload when IPSec/Ikev2 vpn session bringup with dh group 31 in fips mode

Resolved Bugs in Version 7.1.0.2

Version 7.1.0.2 is a limited release for the Secure Firewall 3100 and for the FMC. All bugs fixed in Version 7.1.0.1 (which was not available for the Secure Firewall 3100) are also fixed in Version 7.1.0.2. For the FMC, new online help is included in Version 7.1.0.2.

Resolved Bugs in Version 7.1.0.1

Table last updated: 2022-02-23

Table 3. Resolved Bugs in Version 7.1.0.1

Bug ID      Headline
CSCvz77254  Hotfix patch upgrade doesn't clean old snort3 binaries
CSCwa51862  LSP downloads fail when using proxy
CSCwa58060  LSP download fails if no ICMP reply is received from updates-talos.sco.cisco.com
CSCwa70008  Expired certs cause Security Intelligence updates to fail

Resolved Bugs in Version 7.1.0

Table last updated: 2022-08-01

Table 4. Resolved Bugs in Version 7.1.0

Bug ID      Headline
CSCvq26114  Cron jobs (Scheduled tasks) stop working if FMC is under constant ssh login attempt (DOS)
CSCvr11958  AWS FTD: Deployment failure with ERROR: failed to set interface to promiscuous mode
CSCvs37955  Confusing message about 'without removing the physical hardware' during Acknowledge Security Module
CSCvs44109  FMC: PPPoE password restrictions are too strict; should match the underlying code
CSCvs50538  Firewall engine should fall back on info from SSL handshake if SSL engine does not return a verdict
CSCvs73924  Chassis Mgr should say you cannot change AAA server when same protocol is configured for Auth
CSCvu12734  Watchdog traceback on both FTD and ASA devices at boot time
CSCvu23149  Backup generation in FMC fails due to corrupt SID_GID_ORD index in database table rule_opts
CSCvu97242  FTD 2100: Corefile and crashinfo might both be truncated and incomplete in the event of a crash
CSCvu98260  Stale route present on DRP database when HA is nsf enabled in specific scenario.
CSCvv24647  FTD 2100 - SNMP: incorrect values returned for Ethernet statistics polling
CSCvv40916  3 min delay caused by AbstractBaseDeploymentValidationHandler.validatePreApply during deploy.
CSCvv59676  Snort2: Implement aggressive pruning for certificate cache for TLS to free up memory
CSCvv87594  FXOS - jQuery vulnerabilities
CSCvv89715  Fastpath rules for Firepower 8000 series stack disappear randomly from the FMC
CSCvw22435  Error "No such file or directory" happened when using "copy ftp: workspace:" in FXOS 2.8.1
CSCvw30887  FXOS crashed due to HA policy of Reset with Service: bcm_usd hap reset
CSCvw62255  "Link not connected" error when using WSP-Q40GLR4L transceiver and Arista switch with Firepower 4100
CSCvw62435  AnyConnect Cannot Coexist in an Interface where Security Zone/Interface Group is Used by a VTI
CSCvw63283  The link in Cloud Services redirects user to NAM CTR portal even FTD is registered to EU or APJC
CSCvw67974  SSH access with public key authentication fails after FXOS upgrade
CSCvw77924  Radius Key with the ASCII character " configured on FXOS does not work after chassis reload.
CSCvw79465  FXOS upgrade does not do proper compatibility check for FTD image
CSCvw90634  FP2100 ASA - 1 Gbps SFP in network module down/down after upgrade to 9.15.1.1
CSCvw93159  Firepower 2100: ASA/FTD generates message "Local disk 2 missing on server 1/1"
CSCvw95181  FXOS upgrade fails with error "does not support application instances of deployment type container"
CSCvx04436  Forbidden to run multiple SFDaCo processes, but pidfile not successful at blocking second instance
CSCvx16317  Failure accessing FXOS with connect fxos admin from Multi-Context ASA if admin context is changed
CSCvx24555  Identity Policy rule validation may impact FMC performance
CSCvx26927  TLS site not loading when it has segmented and retransmitted CH
CSCvx27744  Policy deployment may fail on FTD after 6.6.1 due to failure to get version upgrade information
CSCvx32017  Smart License shows "Out of Compliance" but doesn't point which License Type
CSCvx33904  Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation
CSCvx43150  On the FMC, process of registration of member device post RMA is not successful
CSCvx44283  Static route checking is too restrictive on FDM UI
CSCvx48862  Unable to save new cluster node configs on FCM due to java error
CSCvx54562  High System Overhead memory on FTD
CSCvx57417  Smart Tunnel Code signing certifcate renewal
CSCvx62422  License page stuck for the devices in clustered_device table
CSCvx64683  White space characters in NAP portscan ignore_scanners field can cause FATAL snort crashes
CSCvx67856  FTD7.0: Prometheus process doesnt come up when system ungracefully rebooted
CSCvx68803  FMC (API) replies a 500 HTTP code instead of 400 due to a bad request
CSCvx70480  403 error when accessing Policies -> Access Control after exporting User Role from FMC(4600) to FMCv
CSCvx75445  No option to create inline set with bypass standby on Firepower 2130
CSCvx75743  Inconsistent FMC audit log severity
CSCvx76665  Error messages "Updating Interface Status failed" seen on 2100 and 1010
CSCvx78238  multi context Firepower services on ASA traffic goes to incorrect interfaces
CSCvx80830  VPN conn fails from same user if Radius server sends a dACL and vpn-simultaneous-logins is set to 1
CSCvx82705  Evaluation of ssp for OpenSSL March 2021 vulnerabilities
CSCvx82957  Smart CLI taking much time to load.
CSCvx86177  inet6_ntoa and unix_timestamp Functions used to externally poll FMC database return errors
CSCvx89113  Object group with mix of IPv4/6 addresses not searchable while creating new object group
CSCvx89827  Not able to set Bangkok time zone in FPR 2110
CSCvx92932  Missing events on FMC due to SFDataCorrelator process exiting
CSCvx94732  Firepower Threat Defense (FTD) Health Monitor Alert - High unmanaged disk usage on /ngfw
CSCvx95652  ASAv Azure: Some or all interfaces might stop passing traffic after a certain period of run time
CSCvy01482  Realm Sync Results Page Hangs After Upgrade
CSCvy02240  Cisco Firepower Threat Defense Ethernet Industrial Protocol Policy Bypass Vulnerabilities
CSCvy02950  Need Stack and Cluster EO’s history in TS
CSCvy03115  FDM UI crashed when we try to download deployable configuration
CSCvy03907  Creation/Edit of Access Control Policy fails with error 'Rule Name Already Exists'
CSCvy06393  UI failure when adding source feed
CSCvy07957  FMC - 'Open in context explorer' redirection/option cannot fetch data
CSCvy08351  Intrusion and Correlation Email Alerts stop being sent to mail server
CSCvy08908  Port-forwarding application blocked by Java
CSCvy10789  FTD 2110 ascii characters are disallowed in LDAP password
CSCvy13229  FDM - GUI Inaccessible - tomcat is opening too many file descriptors
CSCvy13543  Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
CSCvy14721  ssl traffic dropped by FTD while CH packet has a destination port no greater than source port
CSCvy15396  ClamAV downloads failing on the standby FMC produce overwhelming amount of logs in /var directory
CSCvy16004  Delay in DIFF calculations can cause deployment issues and HA App sync timeout in FTDs
CSCvy16559  Cisco Firepower Threat Defense Software Command Injection Vulnerabilities
CSCvy16573  Cisco Firepower Threat Defense Command Injection Vulnerability
CSCvy17030  FMC Connection Events page "Error: Unable to process this query. Please contact support."
CSCvy17365  REST API Login Page Issue
CSCvy19136  Web portal persistent redirects when certificate authentication is used.
CSCvy19453  SFDataCorrelator performance problems involving redundant new host events with only MAC addresses
CSCvy20605  Warning health alert should not be triggered while refreshing the diskmanager process
CSCvy21334  Active tries to send CoA update to Standby in case of "No Switchover"
CSCvy22765  Synchronization daemon exited. Syncd crashing. var/sf/tds/cloud-events.json is empty.
CSCvy23126  FMC upgrade to 6.6.1 failing on 800_post/097_upgrade_ssl_inspection.pl.log

CSCvy24435

FMC GUI can be accessed by an expired password when using .cgi with https://FMCIP/login.cgi

CSCvy24921

SNMPv3 - SNMP EngineID changes after every configuration change

CSCvy26511

Tune unmanaged disk alert thresholds for low end platforms

CSCvy30016

SSL decryption policy may cause performance degradation in Snort

CSCvy30101

snort2 memory usage can grow beyond expected limits when using ssl decryption

CSCvy30392

Backup generation on FMC fails due to corrupt int_id index in table ids_event_msg_map

CSCvy31400

FMC may disable autonegotiation for physical interfaces with 1Gbps SFP after FTD upgrade

CSCvy31424

QP FTD application fails to start due to outdated affinity.conf following FXOS/FTD upgrade

CSCvy31521

Add syslog-ng monitor to the FMC and NGIPS

CSCvy31793

ibdatafix.sh does not fail in unattended mode on backup if the backup runs out of disk space

CSCvy33044

Bad user session processing rate when floating at device user accounts limit

CSCvy33879

FTD: repair_users.pl creates rogue .firstboot file that causes FTD reboot failure

CSCvy34333

When ASA upgrade fails, version status is desynched between platform and application

CSCvy34941

false alarm 'Health monitoring severely behind schedule'

CSCvy35416

Deploy failure from global domain when parallel deploy triggered to different child domains

CSCvy36694

FTDv 6.7 on Azure is unable to set 1000 speed on GigabitEthernet interfaces

CSCvy37484

Entries in device_policy_ref is huge causing slow performance when opening DeviceManagement page

CSCvy38558

After upgrade to 6.6.1, Edit/Save in the BGP config throws Invalid scan time error

CSCvy39191

An internal server error 500 in T-ufin when doing API calls to the FMC

CSCvy39791

Lina traceback and core file size is beyond 40G and compression fails.

CSCvy41157

HA formation failing after restore

CSCvy41757

Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability

CSCvy43349

Internal error thrown while adding an ACP as base for another ACP

CSCvy43447

FTD traceback and reload on Lic TMR Thread on Multi Instance FTD

CSCvy43911

FDM: OSPF Interface SmartCLI fails to save update and shows new fields on edit

CSCvy44566

FTD deployment failure during App config validation due to AQ memory consumption

CSCvy44752

Interface creation failed

CSCvy47786

Deployment preview will show unchanged/unadded comments to ACP rules

CSCvy47927

Unable to select multiple policies for scheduled firepower recommended rules

CSCvy48730

ASA/FTD may traceback and reload in Thread Name 'Unicorn Proxy Thread'

CSCvy48764

SSH access with public key authentication requires user password

CSCvy50009

Incorrect error reported when running installation readiness check

CSCvy52617

FMC6.7 changes IPSec Profiles on VTI with each deployment resulting in tunnel flap

CSCvy53301

HA Configuration fails on FDM with 'Internal error during deployment'

CSCvy55054

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DoS

CSCvy55676

FMC Deployment failed due to internal errors

CSCvy57905

VTI tunnel interface stays down post reload on KP/WM platform in HA

CSCvy59958

Continuous memory leak in the process hmlsd (SF::Messaging::smartSend)

CSCvy63463

Error deleting users due to special characters

CSCvy63464

FTD 1100/ 2100 series reboots with clock set to 2033

CSCvy65248

FTDv in Azure D5_v2 instance - Interface drops before CPU maxed out

CSCvy66065

Multiple Cisco Products Snort Rule Denial of Service Vulnerability

CSCvy66849

The device is unregistered when Rest API calls script run every 5 min

CSCvy66942

FPR4100/9300 IPv6 config cannot be applied using Rest API LTP on 9300/4100 Supervisor

CSCvy68166

Realm page is not loading after upgrade to 7.0

CSCvy68859

DB Conn not released with LSP and category filter in Intrusion rules

CSCvy68974

ActionQueue process is killed by OOM killer due to process utilizing more than 3 GB limit for memory

CSCvy69189

FTD HA stuck in bulk state due to stuck vpnfol_sync/Bulk-sync keytab

CSCvy69787

ASAv on AWS TenGigabit interface is learning 1000Mbps instead of 10000Mbps

CSCvy71478

Delay in the response received for the request made to LINA using ASALinaCliUtilShow

CSCvy72118

High snort cpu usage while copying navl attribute - ( Fragmented metadata )

CSCvy72185

FXOS Apache HTTP Server Multiple Vulnerabilities (CVE-2020-11993) and (CVE-2020-9490)

CSCvy73930

EventHandler deployment error due to syntax error due to special characters in AC rule name

CSCvy74984

ASAv on Azure loses connectivity to Metadata server once default outside route is used

CSCvy78573

cloudagent should not send zero-length urls to beaker for lookup

CSCvy79015

FMC 6.7 > 7.0 Upgrade failure on 800_post/800_manager_install_lsp.pl

CSCvy79186

Pull_Upgrade job stuck and blocking device upgrade

CSCvy82655

REST API - Bulk AC rules creation fails with 422 Unprocessable Entity

CSCvy83116

FTD 1000 standby fails to re-join HA with msg "CD App Sync error is SSP Config Generation Failure"

CSCvy84733

SFR Upgrade 6.7 to 7.0: Syslogs stopped working

CSCvy86780

Error Could not complete LSP installation. Please try again.

CSCvy86817

Cruz ASIC CLU filter has the incorrect src/dst IP subnet when a custom CCL IP subnet is set

CSCvy88381

INET6_NTOA(location_ip) fails when externally polling FMC Database

CSCvy89440

s2sCryptoMap Configuration Loss

CSCvy93480

Cisco ASA and FTD Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability

CSCvy95329

Incorrect Access rule matching because of ac rule entry missing

CSCvy95554

Unable to download LDAP due to database MERGE failure on group_fsp_reference table

CSCvy96325

FTD/ASA: Adding new ACE entries to ACP causes removal and re-add of ACE elements in LINA

CSCvy96698

Resolve spurious status actions checking speed values twice in FXOS portmgr

CSCvy98027

Application interface down whereas physical interface Up on FXOS

CSCvy98458

FP21xx -traceback "Panic:DATAPATH-10-xxxx -remove_mem_from_head: Error - found a bad header"

CSCvy99373

ADI Session Processing Delays when resolving adSamAccountName with AD

CSCvz00254

FDM 6.7.0 to 7.0.0 Upgrade Failed due to invalid state for site to site VPN during upgrade import

CSCvz00934

Not able to configure VTI with tunnel source as (FMC Access) data-interface

CSCvz01766

Standby FDM's GUI is blank

CSCvz05468

Multiple SSH host entries in platform settings as first feature enable/deploy will break SSH on LINA

CSCvz05687

Fragmented Certificate request failed for DND flow

CSCvz05767

FP-1010 HA link goes down or New hosts unable to connect to the device

CSCvz05921

Auto-negotiation configuration checkbox option for 2100 SFP interfaces not available

CSCvz06848

Software upgrade on FDM-managed FTD fails due to snmp-server community validation failure

CSCvz12770

Policy Deployment failure at 0% due to clock-reset issues

CSCvz14616

No connection events due to SFDataCor process stuck

CSCvz14628

FMC 2500 upgraded to 6.6.5-78: in purging events database 'eventdb' down, manual intervention needed

CSCvz15676

In Firepower 1010 device, after upgrading ASA app, device going for fail safe mode

CSCvz15755

FTD - Port-channel not coming up after upgrade and may generate core file

CSCvz17046

ASAv crashed when tried to upgrade or reload the 16 node cluster setup

CSCvz17534

FTD Restore Backup CLI does not restore the VPN configuration

CSCvz18341

FMC: Peer/Device UUID in EM_peers table should be removed/cleaned upon executing remove_peers

CSCvz19634

FTD software upgrade may fail at 200_pre/505_revert_prep.sh

CSCvz20544

ASA/FTD may traceback and reload in loop processing Anyconnect profile

CSCvz20679

FTDv - Lina Traceback and reload

CSCvz26998

FMC REST API calls return http error code 500 when processes use same credentials

CSCvz28103

FDM: Saving DHCP relay config throws flex-config/smart CLI error

CSCvz28145

Error "Another operation by another user prevented this operation. Please retry after sometime."

CSCvz31184

Validation of unsupported flow-offload using pre-filter in passive/inline interfaces in FPR4100/9300

CSCvz32386

FTD Deployment error when FMC pushes PFS21 and IKEv1 settings on same crypto map entry

CSCvz33190

SecurityIntelligence URL feed - Failed to download SSL peer certificate or SSH remote key was not OK

CSCvz33468

ASA/FTD - NAT stops translating source addresses after changes to object-groups in manual NAT Rule

CSCvz34831

If ASA fails to download DACL it will never stop trying

CSCvz36862

FMC policy deployment takes more than 15 min on phase 3

CSCvz36933

Sensor SNMP process may restart when policy is deployed

CSCvz38361

BGP packets dropped for non directly connected neighbors

CSCvz40098

FTD HA: Health Monitor page shows "Error in fetching device details Error: validation failed"

CSCvz46333

FTD policy deployment failure due to internal socket connection loss

CSCvz46680

FMC shows empty managed device inventory details and applied policy

CSCvz49289

FMC 6.6 connection events excluding port excludes protocol as well

CSCvz50270

Add a validation check on FMC GUI to validate the dynamic PAT rule modifications

CSCvz50712

TLS server discovery uses incorrect source IP address for probes in AnyConnect deployment

CSCvz51175

FTD HA not forming when SNMP adminState is disabled

CSCvz53372

Snort goes into D state after executing "config log-events-to-ramdisk disable"

CSCvz53606

Specify what changes to Security Zone objects are changing Security Zone UUID

CSCvz53993

Random packet block by Snort in SSL flow

CSCvz55302

FTD/ASA Traceback and reload due to SSL null checks under low memory conditions

CSCvz57917

High unmanaged disk usage on /ngfw filled with module-xxxx-x86_64.tgz files in packages folder

CSCvz59464

IPReputation Feed Error Message-Method Not Allowed

CSCvz61477

RAVPN Authorization fails if same RADIUS server is used as authentication and authorization server

CSCvz61767

Policy deployment with SNMPv2 or SNMPv1 configuration fails

CSCvz63444

FMC custom widgets keep polling and do not return any data

CSCvz64548

SFTunnel on device not processing event messages

CSCvz65181

Cisco Firepower Threat Defense Software Security Intelligence DNS Feed Bypass Vulnerabilit

CSCvz66506

Continuous ADI traceback and reload on FPR2100 registered to FMC HA

CSCvz71569

FTD Traceback & reload due to process ZeroMQ out of memory condition

CSCvz76745

SFDataCorrelator memory growth with cloud-based malware events

CSCvz77037

FMC user interface access may fail with SSL errors in mojo-server

CSCvz80981

SNMPv3 doesn't work for SFR modules running version 7.0

CSCvz81342

Diskmanager not pruning AMP File Capture files

CSCvz81934

Revert 'fix' introduced by CSCvx95884

CSCvz82433

Trying to query the FMC database via external DB access for intrusion events interface value missing

CSCvz85493

FTD backup.log increased size out of control to 50GB or more causing /ngfw to 100% full

CSCvz89545

SSL VPN performance degraded and significant stability issues after upgrade

CSCvz90654

FTD Failover unit does not join HA due to "HA state progression failed due to APP SYNC timeout"

CSCvz96462

IP Address 'in use' though no VPN sessions

CSCvz97196

Can't create Flexconfig Object with ldap-naming-attribute pager because pager is blocked.

CSCwa20516

FMC policy deployment takes more than 14 min

CSCze92695

LDAP user password stored in the clear in /etc/sf/authconfig*.con...