Field Notice: FN - 70442 - Firepower Software - Security

Platform Might Not Trust Threat Grid Certi!cates - Software

Upgrade Recommended

Updated: September 3, 2019 Document ID: FN70442

Notice

THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF
THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT
YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT
ANY TIME.

Revision History

Revision Publish Date Comments

1.0 03-Sep-19 Initial Release

Products A!ected

A!ected A!ected A!ected A!ected Release Number Comments

OS Type Software Release
Product

NON- Firepower 6.1 6.1.0, 6.1.0.1, 6.1.0.2, 6.1.0.3, 6.1.0.4,

IOS Management 6.1.0.5, 6.1.0.6
Center
Software

NON- Firepower 6.2 6.2.0, 6.2.0.1, 6.2.0.2, 6.2.0.3, 6.2.0.4,

IOS Management 6.2.0.5, 6.2.1, 6.2.2, 6.2.2.1, 6.2.2.2,
Center 6.2.2.3, 6.2.2.4, 6.2.3, 6.2.3.1, 6.2.3.2,
Software 6.2.3.3, 6.2.3.4

Defect Information

Defect ID Headline

CSCvj07038 Firepower devices need to trust Threat Grid certi!cate

Problem Description
Some versions of Firepower software might fail to properly connect to and integrate with Cisco Threat
Grid.
Background
Some versions of Firepower software do not trust the Cisco Threat Grid certi!cates, which results in a
failure to connect to and integrate with Cisco Threat Grid. An updated Cisco Threat Grid Certi!cate is
required to enable Threat Grid functionality on the Firepower platform.

Problem Symptom
For a"ected software that runs on the Firepower Management Center platforms, the user will be
unable to pull reports from Threat Grid or submit !les manually for analysis.
For a"ected software that runs on the Firepower Threat Defense and ASA with Firepower Services, the
user will be unable to upload !les for Threat Grid analysis.
This message might be observed in the /var/log/messages !le:

SF-IMS[8582]: [10811] SFDataCorrelator:FileExtractCloud [INFO] failed to register with sandbox cloud with error

This Health Alert might be observed on the Firepower Management Center GUI:

AMP for Network Status

Successfully connected to cloud

Firepower Management Center: Unable to communicate with dynamic analysis cloud

Workaround/Solution
Cisco recommends that you upgrade the Firepower software in order to resolve the Threat Grid
certi!cate issue for a"ected units.
Customers that have a valid service contract can download updated Firepower software versions that
address this issue from Cisco Software Central.
Refer to this table in order to determine the recommended upgrade path for your speci!c product.

Impacted Software Version(s) Fixed Software Version(s)

6.1.0.x 6.1.0.7 or later

6.2.0.x 6.2.0.6 or later

6.2.2.x 6.2.2.5 or later

6.2.3.x 6.2.3.5 or later

For More Information

If you require further assistance, or if you have any further questions regarding this !eld notice, please
contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:

Open a service request on Cisco.com

By email
By telephone

Receive Email Noti"cation For New Field Notices

Cisco Noti!cation Service—Set up a pro!le to receive email updates about reliability, safety, network
security, and end-of-sale issues for the Cisco products you specify.

© 2020 Cisco and/or its a"liates. All rights reserved.