Guest

Preview Tool

Cisco Bug: CSCur03296 - ENH: PRSM: Rep Query for IP Addresses Does Not Match Actual WBRS Score

Last Modified

Nov 23, 2016

Products (1)

  • Cisco ASA Next-Generation Firewall Services

Known Affected Releases

9.3(1.1.112)

Description (partial)

Symptom:
Web Reputation Scores in the PRSM Lookup Tool for IP addresses may be different than the actual, calculated scores by the CX during traffic processing.  As a result, HTTP traffic destined to a target IP address may be blocked with a lower reputation score than what is reported in the lookup tool.  This is expected behavior since connecting directly via HTTP using IP addresses can be used to mask untrusted domains and therefore the score is lowered accordingly.

Conditions:
1.  Must be accessing a website directly via its IP address using HTTP.
2.  Must be comparing the web reputation score from the tool with the number given in the PRSM event of the traffic flow to notice the discrepancy
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.