Dear Cisco Customer,
Cisco engineering has identified the following software issues with the release that you have selected that might affect your use of this software. Please review the Software Advisory notice here to determine if either of these issues apply to your environment.
Affected Software and Replacement Solution for CSCvs84578 and CSCvs84713 |
||
Software Type |
Software Affected |
Software Solution |
Firepower Threat Defense (FTD) Software |
Version: 6.2.3.15 build 38 |
Version: |
Reason for Advisory: This software advisory addresses the following two software issues and provides workarounds to address the issues:
Software Issue #1
CSCvs84578 Upgrading FTD on 4100/9300 Platform to 6.2.3.15 prevents the FTD instance from booting up
Affected Platforms: Firepower 4100 Series and Firepower 9300
Symptom: FTD application on the Firepower 4100/9300 will not start after upgrading to 6.2.3.15 build 38, deploying a policy, and then restarting.
Conditions:
These events precede the problem state:
§ Firepower 4100/9300 is running FXOS 2.3.1.
§ The FTD application is upgraded to 6.2.3.15 build 38.
§ A policy is pushed to the device.
§ The FTD application is restarted.
Software Issue #2
CSCvs84713 Cannot SSH to the device after upgrading FTD on ASA55XX/ISA 3000/FTDv to 6.2.3.15 build 38
Affected Platforms: ASA 5500-X Series with FTD, ISA 3000 with FTD, and Cisco Firepower Threat Defense Virtual (FTDv)
Symptom: After upgrading to 6.2.3.15 build 38, the FTD/FTDv application may refuse all management port SSH session connection requests.
Conditions:
These events precede the problem state:
§ The FTD/FTDv application is upgraded to 6.2.3.15 build 38.
§ A policy is pushed to the FTD/FTDv application.
§ The FTD/FTDv application is restarted.
Workaround
To work around either of these issues, do one of the following:
§ Use the updated 6.2.3.15 build 39 or a later software release and avoid 6.2.3.15 build 38. The problematic 6.2.3.15 build 38 is no longer available for download.
§ If the system is running 6.2.3.15 build 38 and is operational, perform one of the following software updates:
o Apply the Firepower Threat Defense 6.2.3-DW hotfix: https://www.cisco.com/c/en/us/td/docs/security/firepower/hotfix/Firepower_Hotfix_Release_Notes/available-hotfixes.html#id_84872
o Upgrade to Firepower Threat Defense 6.3, 6.4, or 6.5.
§ If the system is no longer operational:
o Contact Cisco TAC so that a customer representative can manually repair the FTD application.
o For Firepower 4100/9300, you can also upgrade the chassis to FXOS 2.4.1 or a higher version that is compatible with 6.2.3.15 based on the following compatibility matrix: https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/compatibility/fxos-compatibility.html#id_59069