Guest

Preview Tool

Cisco Bug: CSCvi84463 - OpenIOC Not showing info

Last Modified

Aug 30, 2018

Products (1)

  • Cisco AMP for Endpoints

Known Affected Releases

n/a

Description (partial)

Symptom:
An alert in Device Trajectory is shown as: 

OpenIOC: W32.NetshFirewallDisable

Description: A process attempted to halt the Windows Firewall using the 'netsh' command. This is often done in order to ensure no existing firewall rules prevent outbound communications by the malware. It also ensures that inbound connections are accepted by the host.

No further info is referenced to it

Conditions:
The event has to be older than one month or overpassed 4000 events limit by actual Device Trajectory.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.