Cisco Bug: CSCvi84463 - OpenIOC Not showing info
Apr 28, 2018
- Cisco AMP for Endpoints
Known Affected Releases
Symptom: An alert in Device Trajectory is shown as: OpenIOC: W32.NetshFirewallDisable Description: A process attempted to halt the Windows Firewall using the 'netsh' command. This is often done in order to ensure no existing firewall rules prevent outbound communications by the malware. It also ensures that inbound connections are accepted by the host. No further info is referenced to it Conditions: The event has to be older than one month or overpassed 4000 events limit by actual Device Trajectory.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases